Circus is built on the top of the ZeroMQ library and comes with no security at all.
There were no focus yet on protecting the Circus system from attacks on its ports, and depending on how you run it, you are creating a potential security hole in the system.
This section explains what Circus does on your system when you run it, and a few recommandations if you want to protect your server.
You can also read http://www.zeromq.org/area:faq#toc5
By default, Circus opens the following TCP ports on the local host:
These ports allow client apps to interact with your Circus system, and depending on how your infrastructure is organized, you may want to protect these ports via firewalls or to configure Circus to run using IPC ports. When Configured using IPC, the commands must be run from the same box, but no one can access them from outside unlike TCP.
By default, all processes started with Circus will be running with the same user and group than circusd. Depending on the privileges the user has on the system, you may not have access to all the features Circus provides.
For instance, some statistics features on the running processes require privileges. Typically, if the CPU usage numbers you get using the stats command are 0, it means your user can’t access the proc files.
You may run circusd as root, to fix this, and set the uid and gid values for each watcher to get all features.
But beware that running circusd as root exposes you to potential privilege escalation bugs. While we’re doing our best to avoid any bug, running as root and facing a bug that performs unwanted actions on your system may be an issue.
The best way to prevent this is to make sure that the system running Circus is isolated (like a VM) or to run the whole system under a controlled user.
The web application is not secured at all and once connected on a running Circus, it can do anything and everything.
Do not make it publicly available
If you want to protect the access to the web panel, you can serve it behind Nginx or Apache or any proxy-capable web server, than can set up security.