Security #1724
-
|
Hey, It feels a bit scary to install this though as you can run several commands that could be very dangerous for hackers if they access the system. How is the security for this addon? Can you disable functions like running code etc? If someone manage to hack into home assistant, will they have full control over my computer as well? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
In version 3.x.x the command service has been removed. This means that commands can no longer be run that are not provided by the system. The Also, in terms of home assistant, you should always ensure you keep your password secure and if exposing to the internet should use secure methods like HA Cloud or a secure VPN tunnel to your network. |
Beta Was this translation helpful? Give feedback.
In version 3.x.x the command service has been removed. This means that commands can no longer be run that are not provided by the system.
The
api-keywhich is required for every request, is generated at first launch, and is encrypted and stored in your local machine with the only access available via the GUI or CLI tool on the local machine.Also, in terms of home assistant, you should always ensure you keep your password secure and if exposing to the internet should use secure methods like HA Cloud or a secure VPN tunnel to your network.