Re: Common server activation
- From: Steffen Hansen <stefh mip sdu dk>
- To: Simon Hausmann <tronical gmx net>
- cc: Havoc Pennington <rhp zirx pair com>, Waldo Bastian <bastian ens ascom ch>, "gnome-kde-list gnome org" <gnome-kde-list gnome org>, Matt Koss <koss napri sk>, bjoern hp1 ang-physik uni-kiel de, sopwith redhat com, kde-devel kde org
- Subject: Re: Common server activation
- Date: Sat, 26 Jun 1999 11:43:18 +0200 (CEST)
On Sat, 26 Jun 1999, Simon Hausmann wrote:
> > I think it would be awfully nice to have a solution that doesn't depend on
> > X. My understanding is that we use X for authentication, though.
>
> Yes, that's why I understood from the libgnorba sources, too. But IMHO
> there's nothing wrong with your approach in general. While developing the
> kde daemon we thought about a similar approach, but we couldn't find a
> proper solution for cookies (Steffen - can you comment on this, please :).
There are (at least) two problems with this. ORBit uses a proprietary
interface for this. We could do something similar with CORBA's
Interceptors, but then the cookie would be checked on every invokation,
which will lead to a performance penalty.
The other problem is that a cookie based scheme is a bit naive. It is too
easy to give away your cookie to an untrusted CORBA server by accident. I
dont really have a solution for this. Maybe we could use a scheme where
the server can propose a challenge to the client, a challenge that can be
answered without revealing the cookie. It requires two-way communication
through.
greetings,
--
Steffen Hansen
email: stefh@mip.sdu.dk, stefh@imada.sdu.dk, hansen@kde.org
URL: http://www.mip.sdu.dk/~stefh
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
