(blogs.cisco.com)

166 points rldjbpin | 3 comments | 03 Sep 25 08:18 UTC | HN request time: 0.83s | source

Show context

ekianjo ◴[03 Sep 25 10:02 UTC] No.45114004[source]▶

Ollama has no auth mechanism by default... You have to wonder why they never focused on that

replies(6): >>45114024 #>>45114056 #>>45114140 #>>45114531 #>>45115062 #>>45116572 #

1. Gormo ◴[03 Sep 25 12:42 UTC] No.45115032[source]▶

Ollama doesn't run a web server that is "broadcasting across the internet". It runs a server that is accessible locally. You have to deliberately deploy it onto a public server in order for it to be accessible from the internet.

replies(1): >>45116322 #

2. rvz ◴[03 Sep 25 14:34 UTC] No.45116322[source]▶

>>45115032 #

In all cases, having zero auth at all [0] even when others want to use it as a service to broadcast across the internet is ridiculous. Leading to problems like this: [1] and now all exposed without any protection.

Even allowing others to change the $OLLAMA_HOST env is a security footgun.

[0] https://github.com/ollama/ollama/issues/849

[1] https://www.wiz.io/blog/probllama-ollama-vulnerability-cve-2...

replies(1): >>45120147 #

3. Gormo ◴[03 Sep 25 20:37 UTC] No.45120147{3}[source]▶

>>45116322 #

The idea is that you add an auth layer if that's what you want to do.

The majority of Ollama users at the moment are likely hobbyists working in single-user contexts.

For those who want to deploy it in an organizational setting, it's straightforward to put it behind a pre-existing authenticaton system.

↑

Finding thousands of exposed Ollama instances using Shodan