Re: GEP 3 - Remote activation in bonobo-activation

From: Alan Cox <alan redhat com>
To: rodrigo gnome-db org (Rodrigo Moya)
Cc: alan redhat com (Alan Cox), snickell stanford edu (Seth Nickell), gnome-hackers gnome org (GNOME Hackers)
Subject: Re: GEP 3 - Remote activation in bonobo-activation
Date: Mon, 2 Sep 2002 07:40:21 -0400 (EDT)

> żencryption in the communication you mean? Well, in that case, linc is
> already able to do that, if we do the tcp-socket solution. Or do you
> mean something else?

You need
	-	to prove data is untampered
	-	to protect some data from prying eyes
	-	to prevent replay 
	-	to prove the identify and authorization of the connection
		securely.

That doesn't neccessarily require ssh. although ssh is the one common
installed tool that people have to do this. You could also use something
like keberos and/or the TLS libraries. You still have to figure out how to
pass the authentication around safely. 

An out of the box Linux nowdays probably has ports 0-1023 6000-6xxx and
2049 firewalled, quite likely has all incoming ports blocked except for
actual intended services (eg ssh, http, https)

References:
- Re: GEP 3 - Remote activation in bonobo-activation
  - From: Rodrigo Moya

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]