Supervisord security


rhasspy uses supervisord.

Regarding security, what is the default behaviour of rhasspy instanciating and communicating with supervisord ? Particularly, does supervisord launch a clear-text, unauthenticated server on port 9001 ?

I’ll give it a closer look on the next week-end but someone surely has the answer :slight_smile:


I don’t explicitly have supervisord start a server on port 9001. Is this on by default?

The rhasspy-supervisor project is responsible for generating supervisor.conf with the configured services. Once started, the only way I interact with supervisord is via a SIGHUP when restarting Rhasspy.

I’d be very interested in your thoughts on security :slight_smile:

I read there that :

If the configuration file has no [unix_http_server] section, a UNIX domain socket HTTP server will not be started.

So it seems all right to me :slight_smile: