[Twisted-Python] pb.Copyable, round trip objects, and untrusted clients
David Ripton
dripton at ripton.net
Thu May 20 10:56:59 MDT 2004
On 2004.05.20 00:40:54 +0000, Glyph Lefkowitz wrote:
> On Wed, 2004-05-19 at 23:54, David Ripton wrote:
>
> > This is simple and works, but it's annoyingly repetitive. And plumbing
> > code is infecting the application level. And I know there are other
> > object vs. id caches inside PB, so this feels redundant. What's the
> > right way to do this with Copyable?
>
> Use Cacheable - sort of. That helps with the state-management issues.
That was the answer I was kinda expecting, except for the "sort of"
part that indicates it's not the real answer.
Cacheable is heavier to use than Copyable, so I was hoping to
develop with Copyable, then introduce Cacheable later if performance
demanded it. I guess it's possible to do the same thing with security,
but that's much scarier.
> There are about ten other holes you didn't notice
Got a list?
> and rewinding changes
> is an inherently unsafe way to conceptualize the problem.
Unsafe because you can easily forget to do it in a spot (agreed --
unless you build it into the framework), or unsafe because the client
can exploit its copy of the Copyable server object in other ways?
> If you're seriously interested in security with PB, you will need
> newpb. You should bother Brian Warner, since it seems like it's
> *almost* there and he just needs a little more nudging.
Hey Brian, nudge. If there's anything I can do to help, email me.
--
David Ripton dripton at ripton.net
More information about the Twisted-Python
mailing list