[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: suffix stuff argument for the idl compiler in am_edit
From:       Steffen Hansen <stefh () mip ! sdu ! dk>
Date:       1999-06-09 21:20:17
[Download RAW message or body]

On Wed, 9 Jun 1999, Simon Hausmann wrote:

> BTW, I'm currently hacking some POA stuff into kded which should give it a
> nice url for the -kdedior commandline option, so that the user can specify
> the kded url like:
> iioploc://foo.bar.com:port/KDED

Nice!

> And this reminded me of the security problem you once mentioned :-)
> Now that you mention it again: Do you have something working already? With
> the Interceptors and some magic cookie?

No, actually i never solved the problem with clients giving the cookie to
untrusted servers. Setting the cookie in the client, and verifying it
on the server works, but the cookie is verifyed on _every_ invokation, so
there is a performance hit :(

It is problably better and safer to make KDED speak to clients only
through a pipe by default (will that ruin the nice Url? ;-)

> Yes, it was an ugly bug with inout arguments.

They did change the way inout's work. Watch out for memory leaks!

greetings,
--------------
Steffen Hansen                              |
email: stefh@mip.sdu.dk, stefh@imada.sdu.dk,|  
       hansen@kde.org                       | ABC...VWXKZ :)
URL:   http://www.mip.sdu.dk/~stefh         | 

[prev in list] [next in list] [prev in thread] [next in thread]