OliveTin should be reasonably secure. Here are some security considerations in the design of the app;
Admins have full control over what commands can by run using
OliveTin does not accept any action (command) arguments by design at the moment, as this has huge potential for exploitation and needs to be handled carefully.
OliveTin listens on just 1 open public port by default (1337). The rest of the ports only listen on
localhostso you don’t have to worry about them in your firewall.
Standard Linux controls can be used to run OliveTin as non-root, with
sudopermissions if needed. See the action customization section of these docs for more details.