golemfactory/ya-runtime-ai

Filter dangerous automatic endpoints

Closed this issue 5 months ago · 0 comments

nieznanysprawiciel commented 8 months ago

Why:

Some endpoints can give Requestor access to Provider's machine

What:

Gather list of endpoints from Marcin
Implement in GSB Proxy filtering based on whitelist
List of endpoints should be added to Runtime trait, because this is framework specific
Use new automatic package with manually removed endpoints

Endpoints:

/sdapi/v1/memory (as healthcheck)
/sdapi/v1/txt2img
/sdapi/v1/img2img