[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Emacs RPC security
|
From: |
Ted Zlatanov |
|
Subject: |
Re: Emacs RPC security |
|
Date: |
Mon, 02 May 2011 14:56:46 -0500 |
|
User-agent: |
Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux) |
On Mon, 02 May 2011 16:48:17 -0300 Stefan Monnier <address@hidden> wrote:
>> I already mentioned that given GnuTLS, we can associate client-side SSL
>> certificates with particular functions, so we authenticate on the
>> certificates and authorize based on the (certificate, function)
>> combination. This seems to me much better, even if "orthogonal," than
>> the current "come visit my server and run anything you like" approach.
SM> I think this is pushing server.el where it shouldn't go. It's not meant
SM> as "Emacs as a server for whichever network service you can think of",
SM> but just "use your own Emacs from other processes". If you want your
SM> Emacs to offer services to various users (rather than just to yourself),
SM> then you'll want to implement your own (probably based on GNUtls).
I'm saying the problem is that server.el doesn't know if you're offering
services just to yourself or to others as well, so you can't say it's OK
to be less secure for personal use. Knowledge of the shared key is
sufficient. Plus there is no authorization granularity so the shared
key grants full access. Am I missing or misunderstanding something?
Ted
- Re: client certs and CRL lists for GnuTLS, (continued)
- Re: client certs and CRL lists for GnuTLS, Chong Yidong, 2011/05/08
- Re: client certs and CRL lists for GnuTLS, Ted Zlatanov, 2011/05/09
- Re: client certs and CRL lists for GnuTLS, Chong Yidong, 2011/05/09
- Gnus ERT tests inside Emacs (was: client certs and CRL lists for GnuTLS), Ted Zlatanov, 2011/05/09
- Re: Gnus ERT tests inside Emacs, David Engster, 2011/05/09
- Re: Gnus ERT tests inside Emacs, Ted Zlatanov, 2011/05/09
- Re: Gnus ERT tests inside Emacs, Ted Zlatanov, 2011/05/11
Re: Emacs RPC security, Julien Danjou, 2011/05/02
Re: Emacs RPC security, Ted Zlatanov, 2011/05/02
- Re: Emacs RPC security, Stefan Monnier, 2011/05/02
- Re: Emacs RPC security,
Ted Zlatanov <=
- Re: Emacs RPC security, Lars Magne Ingebrigtsen, 2011/05/02
- Re: Emacs RPC security, Ted Zlatanov, 2011/05/02
- Re: Emacs RPC security, Lars Magne Ingebrigtsen, 2011/05/02
- Re: Emacs RPC security, Ted Zlatanov, 2011/05/02
- Re: Emacs RPC security, Lars Magne Ingebrigtsen, 2011/05/02
- Re: Emacs RPC security, Ted Zlatanov, 2011/05/02
- Re: Emacs RPC security, Lars Magne Ingebrigtsen, 2011/05/02
Re: Emacs RPC security, Stefan Monnier, 2011/05/02
Re: Emacs RPC security, Harald Hanche-Olsen, 2011/05/03
Re: Emacs RPC security, Stefan Monnier, 2011/05/03