[DGD] Developing a network daemon
Felix A. Croes
felix at dworkin.nl
Wed Sep 9 23:09:50 CEST 2009
Shentino <shentino at gmail.com> wrote:
>[...]
> Problems:
>
> * Preventing the network daemon from being spoofed to DGD, possible
> workarounds listed
> - use a unix socket protected by filesystem perms to establish the control
> socket
DGD doesn't do unix sockets, so this would still require a patch.
> - use public key crpyto to authenticate
Overkill. Anyone who can snoop traffic on localnet can also snoop the
private key from program memory. A simple password will suffice.
> * Lack of knowhow implementing a decent multiplexer
Don't multiplex outbound connections, have a different (authenticated)
connection from the network daemon to DGDMP for each. That will be much
more efficient, MP-wise.
Regards,
Felix Croes
More information about the DGD
mailing list