[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

security in the distributed object system

From: Derek Zhou
Subject: security in the distributed object system
Date: Sun, 13 Apr 2003 16:44:28 -0700
User-agent: Mutt/1.4i

If I understand correctly, gnustep uses tcp for all distributed objects.
So if I vend an object through DO, anybody that knows my protocol and
can make tcp connection to my machine can take over my object. Sounds
like a big remote exploit to me. Even if I reject all remote
connections, there are still local exploits. Am I missing sth here? I am
sure people smarter than me has think about it. So what should I do to
secure my objects? The only way that I can think of is to set a delegate
for the NSConnection and block every message except a "login" message.
But then I need to worry about the exchange of confidentials. Seems not
trivial to me.
Why not to use Unix domain socket instead? Ok, it is not distributed
anymore, but at least it provide a simple way (file permission) to limit
access to the server. I think a lot of people just want to do fancy
secure IPC. How about provide both (tcp and unix domain) so that
everybody is happy? 

reply via email to

[Prev in Thread] Current Thread [Next in Thread]