[DGD] DGD and *dbm

Joseph Blomstedt dklayn at gmail.com
Wed Jul 23 19:35:43 CEST 2008


I've been thinking about working on external daemon support as well,
primarily also looking into a very lightweight and sandboxed external
networking daemon (Intermud being the driving focus) as well as means
to run external programs and scripts.

Honestly, I think sockets are the best approach and having an extra
incoming binary port open that connects to the external daemon seems
to be the most robust and cross-platform technique. I'm a big fan of
UCSPI-TCP/UCSPI-SSL and other ideas that allow scripting and easy
socket programming over standard TCP sockets
(http://cr.yp.to/ucspi-tcp.html) which is essentially the same idea
here.

If you're worried about external security, utilizing a secure
public/private key style authentication would be a robust solution.
Only your external daemons have the correct keys and therefore other
local users can't gain access. I'm not sure if a simple homegrown
approach would be best, or if it would make sense to build an
extenstion into DGD that can access the standard SSL/TLS libraries,
but the whole issue of handling secure and authenticated connections
over unreliable and shared networks (ie. the Internet, let alone a
shared local server) has been a solved problem for decades.

Of course, a non-shared server provides the best solution along with
other features. You can get a low-end virtual private server for under
$10 a month thesedays -- good enough for MUD development. Upgrade to
one that's under $25-30 a month and you can handle a fairly large (in
terms of MUDs atleast) MUD. At the end of the day, as far as these
types of security concerns go, there is no difference between a fully
dedicated real server and a VPS.

-Joe



More information about the DGD mailing list