• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Distributed Objects client/peer identification
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Distributed Objects client/peer identification

  • Subject: Re: Distributed Objects client/peer identification
  • From: Nicko van Someren <email@hidden>
  • Date: Wed, 13 Feb 2008 10:14:35 +0000
On 12 Feb 2008, at 15:38, Hamish Allan wrote:

On Feb 11, 2008 2:22 PM, Nicko van Someren <email@hidden> wrote:

What I want to do is determine what task is trying to make the
connection to my application.  In particular, I want to be able to
make sure that the other end of the connection is a task belonging to
the same user (for instance because some other user is also logged in
using fast user switching).


As of Leopard, this should be taken care of. See:

http://developer.apple.com/technotes/tn2005/tn2083.html

Yup, I read that. I guess my real questions are (a) is the only way that an existing mach port can be acquired by a process by going through a bootstrap server (per-user or otherwise) and (b) is it possible for a (non-root) user to get hold of the bootstrap server of another user?

The ugly hack solution will be for the agent to put a random challenge
in temporary file only readable by the correct user and demand that
the SysPref plug-in send it a copy of the file, but I'd still like to
know how to identify the endpoints of an NSConnection! 

See:

http://developer.apple.com/documentation/Cocoa/Conceptual/DistrObjects/Tasks/delegate.html
http://developer.apple.com/documentation/Cocoa/Reference/Foundation/Classes/NSConnection_Class/Reference/Reference.html#/ /apple_ref/occ/instm/NSObject/authenticateComponents:withData:

The NSData you return could be a hash of the UID and the NSData from
the passed components salted with some shared secret.

Yup, I was planning to use that with a keyed MAC function on the data. Frustratingly, the delegate function you point to (and it's corresponding other side authenticationDataForComponents:) don't get given any connection context, so I have to construct a different delegate for each and every connection :-( Also, while this can be used to authenticate the data that is sent it still leaves the fundamental problem of sharing the shared secret in the first place.

	Nicko

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Distributed Objects client/peer identification (From: Nicko van Someren <email@hidden>)


 >Re: Distributed Objects client/peer identification (From: "Hamish Allan" <email@hidden>)






    

  • Prev by Date:
Re: Objective-C++

    • 

  • Next by Date:
Re: Objective-C++

    • 

  • Previous by thread:
Re: Distributed Objects client/peer identification

    • 

  • Next by thread:
finding memory leaks

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •