[Twisted-Python] pb.Copyable, round trip objects, and untrusted clients
Christopher Armstrong
radix at twistedmatrix.com
Thu May 20 01:33:09 EDT 2004
David Ripton wrote:
> There's a third hole to plug, which is passing an object from the server
> to the client as an argument of a client-side remote_* method, and later
> getting it back as an argument to a server-side perspective_* method.
> (e.g. the server passes the client a list of games in progress, and
> later the client passes back the game it wants to join.) If the client
> changes the object before passing it back, it might trick the server
> into doing the wrong thing with it.
>
> Anyway, it seems easy enough to avoid this problem, by just rewinding
> any changes the client has made to such objects. At some point before
> sending an object to the client side, add it to a dict, keyed by its id.
> When an object comes back from the client as an argument in a
> perspective_* call, use its id to lookup the server's copy of the object
> in the dict, and then reassign the current name to the good version of
> the object, losing any changes the client may have made. In other
> words, the client is treated as if it only passed the object's id back,
> not its __dict__. But the interface is simpler.
It sounds like the client ought to just pass a string (e.g., the name of
the game) or something representing the game it wants to play. IOW,
whether it's a string or not, something that isn't possible to be munged
in a way that would "mess up" the server in the first place.
--
Twisted | Christopher Armstrong: International Man of Twistery
Radix | Release Manager, Twisted Project
---------+ http://radix.twistedmatrix.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://twistedmatrix.com/pipermail/twisted-python/attachments/20040520/bfe79980/attachment.pgp
More information about the Twisted-Python
mailing list