Hi,
On Thu, Jul 16, 2009 at 05:23:11AM +0200, olafbuddenha...@gmx.net wrote:
> As I already said on IRC, I do see some merit in the idea of reverse
> authentication, i.e. file objects authenticating against clients. It
> makes sense to consider files as active objects, which have access to
> certa
Hi,
On Mon, Jun 29, 2009 at 11:23:34AM +0200, Carl Fredrik Hammar wrote:
> On Mon, Jun 29, 2009 at 12:05:26AM +0200, olafbuddenha...@gmx.net
> wrote:
> > On Thu, Jun 11, 2009 at 07:07:35PM +0200, Carl Fredrik Hammar wrote:
> > > Another interesting possibility would be to let the code modules
> >
Hi,
As I already said on IRC, I do see some merit in the idea of reverse
authentication, i.e. file objects authenticating against clients. It
makes sense to consider files as active objects, which have access to
certain user IDs. (The fact that a file system usually provides a whole
bunch of indiv
Hi,
On Mon, Jun 29, 2009 at 11:23:34AM +0200, Carl Fredrik Hammar wrote:
> > > The only real problem with specifying the module by port is that the
> > > receiver needs to load the exact same module and not a copy of it.
> >
> > I don't consider that a problem :-)
>
> Consider Alice who wishes t
Hi,
On Mon, Jun 29, 2009 at 12:05:26AM +0200, olafbuddenha...@gmx.net wrote:
> On Thu, Jun 11, 2009 at 07:07:35PM +0200, Carl Fredrik Hammar wrote:
>
> > To load a mobile object we first need to load its code base that has
> > been specified by the sender of the object. The ideal way to do this
Hi,
On Thu, Jun 11, 2009 at 07:07:35PM +0200, Carl Fredrik Hammar wrote:
> To load a mobile object we first need to load its code base that has
> been specified by the sender of the object. The ideal way to do this
> would be to send a port to a .so file and then load that.
>
> If we loaded the
Hi,
On Thu, Jun 11, 2009 at 07:07:35PM +0200, Carl Fredrik Hammar wrote:
> Instead we can provide a translator that provides this reverse
> authentication but otherwise proxies its underlying node, or perhaps
> just gives out a unproxied port to it directly.
>
> This is has some other advantages.
Hi,
To load a mobile object we first need to load its code base that has
been specified by the sender of the object. The ideal way to do this
would be to send a port to a .so file and then load that.
If we loaded the code module unconditionally, the sender could essentially
inject arbitrary code
