Using unix sockets for NSPort

discuss-gnustep

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Using unix sockets for NSPort

From:	Alexander Malmberg
Subject:	Using unix sockets for NSPort
Date:	Thu, 03 Oct 2002 19:55:15 +0200

Hi,

As an experiment (and to try to learn how NSPort works :), I've
implemented basic versions of NSMessagePort and NSMessagePortNameServer:

http://w1.423.telia.com/~u42308495/alex/unix_sockets-0.1.tar.gz

The patch makes NSMessage* the default port and port name server
classes. It works, although it isn't currently very robust or thread
safe.

NSMessagePort uses unix domain sockets (instead of tcp/ip sockets), and
puts the registered names in {NSTemporaryDirectory()}/ports/ (usually
/tmp/username/ports/). Thus, the ports are private to the user who
created/registered it. The two main advantages with this are:

1. Security. Nobody else can connect to your services or mess with your
pasteboard. Apps only connect to your ports, so nobody can set up an
evil pasteboard and store everything you cut/copy/select (or change it;
ever pasted something in a terminal?).

2. Several users can run apps on the same system. Currently, only one
user can register a name on a system. With this implementation, each
user gets a private namespace for ports, so they can all run
gdnc/gpbs/apps without any risk of messing things up for some other
user.

This is meant to replace GSTcpPort, but I propose the following
structure for the NSPort/NSPortNameServer classes:

NSMessagePort/NSMessagePortNameServer are private (user- and
system-specific) unix ports, and thus secure

GSPublicMessagePort/GSPublicMessagePortNameServer are public unix ports
(system-specific, but not user-specific) (could be easily implemented as
a subclass of NSMessagePort)

NSSocketPort/NSSocketPortNameServer are public tcp/ip ports (like the
current GSTcpPort/NSPortNameServer)

NSPort would create NSMessagePort instances, and [NSPortNameServer
+sharedInstance] would return a NSMessagePortNameServer. This way,
everything is secure by default, and those willing to deal with security
can create and register GSPublicMessagePort:s and NSSocketPort:s
explicitly.

(A useful extension would be an [NSPortNameServer +unsafeSharedInstance]
method that returned an NSPortNameServer implementation that queried
NSMessagePortNameServer, GSPublicMessagePortNameServer, and
NSSocketPortNameServer, in that order.)

Comments?

- Alexander Malmberg

[Prev in Thread]

Current Thread

[Next in Thread]

Using unix sockets for NSPort, Alexander Malmberg <=
- Re: Using unix sockets for NSPort, Richard Frith-Macdonald, 2002/10/04
  - Re: Using unix sockets for NSPort, Jeff Teunissen, 2002/10/04
    - Re: Using unix sockets for NSPort, Richard Frith-Macdonald, 2002/10/04
    - Re: Using unix sockets for NSPort, Alexander Malmberg, 2002/10/04
    - Re: Using unix sockets for NSPort, Richard Frith-Macdonald, 2002/10/05
    - Re: Using unix sockets for NSPort, Alexander Malmberg, 2002/10/08
  - Re: Using unix sockets for NSPort, Helge Hess, 2002/10/04
  - Re: Using unix sockets for NSPort, Alexander Malmberg, 2002/10/04

Prev by Date: Re: GNUstep filesystem spec
Next by Date: Gorm Status 10/03/2002
Previous by thread: Correct diff for Palettes and Headers
Next by thread: Re: Using unix sockets for NSPort
Index(es):
- Date
- Thread