[Twisted-Python] pb.Copyable, round trip objects, and untrusted clients

Jasper Phillips jasper at peak.org
Thu May 20 05:34:29 EDT 2004

On Thu, 20 May 2004, Glyph Lefkowitz wrote:

> On Wed, 2004-05-19 at 23:54, David Ripton wrote:
> > This is simple and works, but it's annoyingly repetitive.  And plumbing 
> > code is infecting the application level.  And I know there are other 
> > object vs. id caches inside PB, so this feels redundant.  What's the 
> > right way to do this with Copyable?
> Use Cacheable - sort of.  That helps with the state-management issues. 

In a turn based game it might be clearer just to have explicit and
monolithic state pushes each turn.  Perhaps I just don't get Cacheable, but
if seems more usefull when you have a variety of independently varrying
state, a constant connection, and no clear "Turn" seperation.

> There are about ten other holes you didn't notice and rewinding changes
> is an inherently unsafe way to conceptualize the problem.

Ack!  Now you've got me scared!  Ten other Holes?!  Could you elaborate a
little more?

> If you're seriously interested in security with PB, you will need
> newpb.  You should bother Brian Warner, since it seems like it's
> *almost* there and he just needs a little more nudging.

<nudge nudgee="Brian Warner"/>
<nudge nudgee="Brian Warner"/>
<nudge nudgee="Brian Warner"/>

What's in newpb anyway?  I'd thought this was essentially handled with all
the Avatar/Mind/Realm newcred stuff?


More information about the Twisted-Python mailing list