[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Common server activation
From: Steffen Hansen <stefh () mip ! sdu ! dk>
Date: 1999-06-26 9:43:18
[Download RAW message or body]
On Sat, 26 Jun 1999, Simon Hausmann wrote:
> > I think it would be awfully nice to have a solution that doesn't depend on
> > X. My understanding is that we use X for authentication, though.
>
> Yes, that's why I understood from the libgnorba sources, too. But IMHO
> there's nothing wrong with your approach in general. While developing the
> kde daemon we thought about a similar approach, but we couldn't find a
> proper solution for cookies (Steffen - can you comment on this, please :).
There are (at least) two problems with this. ORBit uses a proprietary
interface for this. We could do something similar with CORBA's
Interceptors, but then the cookie would be checked on every invokation,
which will lead to a performance penalty.
The other problem is that a cookie based scheme is a bit naive. It is too
easy to give away your cookie to an untrusted CORBA server by accident. I
dont really have a solution for this. Maybe we could use a scheme where
the server can propose a challenge to the client, a challenge that can be
answered without revealing the cookie. It requires two-way communication
through.
greetings,
--
Steffen Hansen
email: stefh@mip.sdu.dk, stefh@imada.sdu.dk, hansen@kde.org
URL: http://www.mip.sdu.dk/~stefh
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic