Re: Distributed Objects client/peer identification
Re: Distributed Objects client/peer identification
- Subject: Re: Distributed Objects client/peer identification
- From: Nicko van Someren <email@hidden>
- Date: Tue, 12 Feb 2008 08:37:36 +0000
On 12 Feb 2008, at 00:48, John Pannell wrote:
There are a number of ways to identify the sender uniquely; to
follow your initial line of thinking, have a look at the docs for
NSProcessInfo - you can get the PID or process name or "globally
unique string" for the process, which it can then send along to your
agent while registering with it.
The problem is that there is no authentication on that at all. If
Alice and Bob are both logged in and the Alice tries to modify the
Bob's settings then she can just send the PID for Bob's client and
unless I can check who owns the port on the other end of the
connection Bob's agent can't tell.
I suppose you could also have the agent and the process agree on the
value of NSUserName()?... does your agent launch under a logged in
user's ownership?
The agent runs under the user's UID, as does the user's copy of System
Preferences, but just sending the user name again provides no security.
Nicko
On Feb 11, 2008, at 7:22 AM, Nicko van Someren wrote:
I have a background agent and a System Preferences panel to allow
the user to configure it. They talk to each other using
Distributed Objects. The Programming Topics for DO tells me that
the delegate of the NSConnection gets asked to confirm is a new
connection should be allowed.
What I want to do is determine what task is trying to make the
connection to my application. In particular, I want to be able to
make sure that the other end of the connection is a task belonging
to the same user (for instance because some other user is also
logged in using fast user switching). It would seem that I might
be able to do this with some complex manipulation of Mach port
rights, but if I could just get the PID for the sender I can check
if the process owner is the same user and be done with the
problem. So, does anyone know who to find out where the other end
of an NSConnection resides?
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden