Re: ORBIT, GNOME, and security

From: Michael Rumpf <michael rumpfonline de>
To: orbit-list gnome org
Subject: Re: ORBIT, GNOME, and security
Date: Tue, 19 Sep 2000 20:32:59 +0200

Dietmar Maurer wrote:
> 
> Elliot Lee wrote:
> 
> > echo 'ORBIIOPIPv4=1' >> /etc/orbitrc
> >
> 
> Is there is a reason why it is disabled by default?

Denial of Service attacks because of open ports are the problem which lead to disabling IIOP by default. ORBit is used primarily on GNOME and there is not that much need for communicating remotely.

> > > And just another question: Is there a way to get object
> > > references via url (hostname,tcp_port,object_key)?
> >
> > Technically speaking, IOR:... is a URL already.
> >
> > I think CVS head has some code to handle iioploc:// and iiop:// URLs in
> > CORBA_ORB_string_to_object(), but I think there are no good reasons to use
> > these - their advantage of human readability is irrelevant, and they have
> > a big disadvantage of not encoding lots of information useful to the ORB.
> 
> I have some remote server. How can I get a object reference without using
> human readable urls?

Please read the first question in the FAQ, where I explained the issue in general. At the end you have a link to an article by Michi Henning which is much longer and describing it more precise..

Michael

Follow-Ups:
- Re: ORBIT, GNOME, and security
  - From: Dietmar Maurer

References:
- Re: ORBIT, GNOME, and security
  - From: Elliot Lee
- Re: ORBIT, GNOME, and security
  - From: Dietmar Maurer

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]