Re: Current state of Vsta?

From: Andy Valencia <vandys_at_nospam.org>
Date: Mon Aug 09 1999 - 07:53:35 PDT

[Eric_Jacobs@fc.mcps.k12.md.us (Eric Jacobs) writes:]

>I see no one's answered, so I'll give it a try...

I didn't answer because each time we get a query like this and I answer, the
person goes away. So I thought I'd let somebody else try "first contact". :->

>VSTa is definitely in need of a good SVGA graphics module that could
>handle stuff like bitmaps, clipping, etc.

Also blit! Especially as connected to the bitblit support of the various
graphics chips.

>The problem is that that number is a public server number. Any process
>can open that "//####" and connect to telnetd. A user could write a
>process that hides in the background poking around at port numbers,
>trying to run a fake login process that will record passwords. Etc.

Since all connections are authenticated, I don't see the problem. You
always know the identity of the connecting process.

Even if you didn't want to depend on that, you could generate a 128-bit
number which the connector had to supply before their connection would be
accepted and used.

>The traditional ACL way of solving this, of course, is to require that
>the client who opens "//####" has sys privileges, or whatever. That
>certainly would work, but it doesn't sit well with me for two reasons:
>first, it's not really the VSTa philsophy.

Right. Instead, VSTa tries to preserve the identity (i.e., mechanism)
while leaving policy to the server. I think there's enough mechanism
available to solve this problem.

Andy Valencia
Received on Mon Aug 9 06:45:19 1999

This archive was generated by hypermail 2.1.8 : Thu Sep 22 2005 - 15:12:56 PDT