[Twisted-Python] pb.Copyable, round trip objects, and untrusted clients
Jasper Phillips
jasper at peak.org
Thu May 20 05:34:29 EDT 2004
On Thu, 20 May 2004, Glyph Lefkowitz wrote:
> On Wed, 2004-05-19 at 23:54, David Ripton wrote:
>
> > This is simple and works, but it's annoyingly repetitive. And plumbing
> > code is infecting the application level. And I know there are other
> > object vs. id caches inside PB, so this feels redundant. What's the
> > right way to do this with Copyable?
>
> Use Cacheable - sort of. That helps with the state-management issues.
In a turn based game it might be clearer just to have explicit and
monolithic state pushes each turn. Perhaps I just don't get Cacheable, but
if seems more usefull when you have a variety of independently varrying
state, a constant connection, and no clear "Turn" seperation.
> There are about ten other holes you didn't notice and rewinding changes
> is an inherently unsafe way to conceptualize the problem.
Ack! Now you've got me scared! Ten other Holes?! Could you elaborate a
little more?
> If you're seriously interested in security with PB, you will need
> newpb. You should bother Brian Warner, since it seems like it's
> *almost* there and he just needs a little more nudging.
<nudge nudgee="Brian Warner"/>
<nudge nudgee="Brian Warner"/>
<nudge nudgee="Brian Warner"/>
What's in newpb anyway? I'd thought this was essentially handled with all
the Avatar/Mind/Realm newcred stuff?
-Jasper
More information about the Twisted-Python
mailing list