Re: Security issue in developing Mac code -- not sure where to discuss
Re: Security issue in developing Mac code -- not sure where to discuss
- Subject: Re: Security issue in developing Mac code -- not sure where to discuss
- From: Graham Lee <email@hidden>
- Date: Fri, 2 Apr 2010 21:20:36 +0100
Hi Jay,
I think that to understand the security requirements of your app, we
need to know more about what it does. Are all the systems on the same
subnet? What data is sent between them? Should such data be private,
what would happen if it were tanpered with? With what privilege do
different components run? Once you've pinned down the security
requirements, then we can look at the technology needed to implement
them.
P.s. If people do think you're off-topic here, I'd suggest apple-cdsa
(the common data security architecture list) or stackoverflow.com.
Cheers,
Graham Lee
http://blog.securemacprogramming.com
Author of Professional Cocoa Application Security
http://www.amazon.co.uk/gp/product/0470525959?ie=UTF8&tag=thaeofer-21&linkCode=as2&camp=1634&creative=19450&creativeASIN=0470525959
On 2 Apr 2010, at 21:05, Jay Reynolds Freeman <email@hidden
> wrote:
I am not sure where to discuss issues related to developing
Macintosh code that uses the Internet to transmit data in
a secure manner: If anyone can suggest a better list, by all
means say so and I will go there. Meanwhile ...
I am developing a Macintosh application which will be capable
of running on a cluster of Macs; that is, each of a number of
Macs will be running a copy of the application (or of part
of it) and the different Macs will communicate with each
other to coordinate activity and share data: The app is not
a web-server-and-client kind of thing; I expect to be using
Internet socket connections directly, from within the
various instances of the application.
So far, I have described a very general programming issue
-- probably too general for this group. What I am wondering
about is what special support is available for this kind of
thing based on the fact that I am using Macintoshes, and have
all the facilities of MacOS and Xcode to develop and run with.
The app is a clustered version of Wraith Scheme, a parallel
Scheme implementation for the Mac that I have been developing
for some years. See the "Software" page of my web site (URL
below) if you are terminally curious. Wraith Scheme is very
powerful, and a malicious person who accessed it remotely
could do immense damage to the system it is running on.
(The actual number of users of any such clusters is likely
minuscule, so the probability that anyone will try to do such
a thing is small, but I would like to handle the security
issues as professionally as I can.)
Comments are welcome, as are suggestions to go elsewhere.
(People are *always* telling me where to go ...)
-- Jay Reynolds Freeman
---------------------
email@hidden
http://web.mac.com/jay_reynolds_freeman (personal web site)
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden