[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: Enhancing lan:/ and rlan:/
From:       Brad Hards <bhards () bigpond ! net ! au>
Date:       2003-06-24 10:44:44
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 24 Jun 2003 04:16 am, Tim Jansen wrote:
> On Monday 23 June 2003 13:53, Brad Hards wrote:
> > > The implementation of RFC 2608 is done, and a OpenSLP-compatible API is
> > > finished (you can use it as drop-in replacement). So there's quite a
> > > lot
> >
> > So this is a KDE implementation of an SLP SA? Doesn't use OpenSLP code?
>
> It is a Qt-based implementation of a SLP UA, SA and DA. Its architecture is
> quite different from OpenSLP and the other SLP implementations that I have
> seen:
> - the daemon is responsible for all communication between UAs/SAs and the
> network, so even for a UA the daemon must be running all the time
The daemon is then an SA and a UA?

> - the daemon runs chroot'd as a daemon with as few right as possible. If an
> attacker would find a way to run code in that process, he would not be able
> to access/modify any of the user data or become root
Sounds good.
> - SLP packets are not used for communication between the daemon and the
> library. Instead a completely different protocol is used for IPC. The
> reason is that if there would be a exploit in the SLP packet parser it
> should not propagate to the applications and servers that have more rights
> than the SLP daemon
I'm not sure I follow you. Is the intent that if the daemon is exploited, that 
it will be more difficult to use the IPC mechanism than if the daemon simply 
passed SLP packets?

> - the daemon monitors the state of the system's network interfaces and
> reacts accordingly. For example when an interface goes down or changes the
> address the server 'pings' all DAs to check whether they are still
> available. Or when a interface goes up it rescans DAs
How portable is this? Do you poll interfaces?

> Beside the RFC 2614 API it is possible to use the IPC protocol directly or
> implement additional APIs that use the IPC protocol. One of these API is
> the KDE API that I am currently working on. The API can also be used with
> OpenSLP, but you can't use the new features then.
Can you post this interface? Or just send me a copy?

> Additional capabilities of such an API, compared to OpenSLP's
> implementation: + asynchronous calls for all blocking functions work
> without any hacks + automatic registration of services that listen on all
> addresses (bound to wildcard address). Unlike common solutions that require
> you to register a service for each address and require the application to
> monitor the network interfaces and react on changes accordingly, the SLP
> daemon solves the problem by modifying the service's URL for each request
> so that the URL's address is the address of the receiving interface
So if you are in a zeroconf environment (where addresses are subject to 
change) or are roaming, or whatever, and the IP changes (or hostname 
changes), this is handled by the daemon?

Brad
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE++CucW6pHgIdAuOMRAh2UAKCK5OlwbhGoe6nTj9QJ2HtzvtGD5wCeNhiZ
3kbSn07yOt/wvyO7G+X+IXo=
=3VcK
-----END PGP SIGNATURE-----
 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]