[DGD] DGD and *dbm

bart at wotf.org bart at wotf.org
Wed Jul 23 20:29:14 CEST 2008 

On Wed, 23 Jul 2008 10:35:43 -0700, Joseph Blomstedt wrote

> If you're worried about external security, utilizing a secure
> public/private key style authentication would be a robust solution.
> Only your external daemons have the correct keys and therefore other
> local users can't gain access. I'm not sure if a simple homegrown
> approach would be best, or if it would make sense to build an
> extenstion into DGD that can access the standard SSL/TLS libraries,
> but the whole issue of handling secure and authenticated connections
> over unreliable and shared networks (ie. the Internet, let alone a
> shared local server) has been a solved problem for decades.

Oh really?

With all respect, network security is part of my day to day job, and just
judging from the amount of work I have, it is far from a solved problem.
Certain very specific subsets of the problem have been solved, and in ways
often complex enough that I have yet to see the first implementation of such a
solution that is bugfree enough to be called secure at the first, or even
second or third try. This usually takes a few more reincarnations of the solution.

Mudlib security is also a solved issue in theory, but I'll be the first one to
agree that actually implementing a secure solution properly is far from
trivial. One could easily argue that securing outgoing connections is as
simple as masking connect() in your auto object with a function that
inmediately returns. True, but nothing more then a nice bit of theory.

Bottomline, no security problem is ever easy to solve in practise, regardless
of the theory.

> 
> Of course, a non-shared server provides the best solution along with
> other features. You can get a low-end virtual private server for 
> under $10 a month thesedays -- good enough for MUD development. 
> Upgrade to one that's under $25-30 a month and you can handle a 
> fairly large (in terms of MUDs atleast) MUD. At the end of the day,
>  as far as these types of security concerns go, there is no 
> difference between a fully dedicated real server and a VPS.

That rather depends on the vps technology used, and how secure the actual
server is that hosts the virtual servers.

Bart.
--
Created with Open WebMail at http://www.bartsplace.net/
Read my weblog at http://soapbox.bartsplace.net/

More information about the DGD mailing list