Part of the solution would be to use a UNIX domain socket on UNIX and a named pipe on Windows with the permissions set so only the user running chimera can send messages to it.
Greg
On Tue, 19 Nov 2002, Thomas Goddard wrote:
The two main difficulties with Puppet are registering the helper application with your web browser, and security. The security problem is that the Chimera side of Puppet listens on a socket and has no way of verifying that the request comes from the Chimera user. Currently it accepts connections only from the localhost, but the connection could come from another user on the machine. It also has a mode where Chimera will not execute the Python code sent to it until you press a Run button on the Puppet dialog. That mechanism is too cumbersome for real use.
The security problems would have to be solved before the Chimera installer could attempt to register Puppet with the user's web browser.
participants (1)
-
Greg Couch