Hack Discussion
Violating Security Standards


Tabmow Feb 10, 9:33pm
This is probably far too serious of a question for the likes of this forum, but gin has convinced me otherwise...

What exactly does limited server to client communication really add to web security these days? I admit that allowing a client to talk to another peer or server via a website would allow for a faster spreading problem, but there is no reason this could not be emulated under current rules with say, a signed applet (or some very hackish like stuff / a server that emulates a proxy). Cross Site Scripting certainly could become more insidious, but if the expansion of connections was only to a verified network (of peers / servers), is the commonplace server to client security model overkill (or are the security constraints serious / too complicated) to be allowed at a generic level?


moookid Feb 11, 8:41am
there is no overkill.


Tabmow Feb 11, 12:14pm
2: If that is the case, I'd recommend unplugging your computer.


olegnep Feb 11, 12:22pm
limited server to client communication - you only need to enable the functions and ports of your server that you need to use, every open feature or port is a potential security risk, only have open what you absolutely need. close everything else - that is my vague response I have gathered from my meager server client relationship knowledge.


ntltrmllgnc (Sponsor) Feb 11, 12:49pm
Opportunity Knocks. Don't Answer. I think ports should have permissions just like files do.


olegnep Feb 11, 12:55pm
how hard would that be to program into the tcp/ip settings though? perhaps in nix

the only thing is that it might put more strain on the server for general use..


ntltrmllgnc (Sponsor) Feb 11, 1:04pm
see what you do is you have a monitor daemon and some service daemons

each service daemon exports its function with which to access it
every service daemon looks over the incoming input and says thank you when it matches.

afterwards the monitor daemon uses the access function to associate certain input with a daemon. no more port numbers. no more screwy webservers on multiple port numbers unless already expressly negotiated.

the only caveat is avoiding the creation of Mach
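
A sketch of the monitor/service-daemon idea in the post above, as an added example that is not part of the original thread. The names `Service`, `Monitor`, `route` and `max_peek`, the sample matchers, and the choice to drop unclaimed or doubly claimed input are all assumptions made for illustration.

```python
import re
from typing import Callable, Optional

class Service:
    """A service daemon: exports a matcher (its "access function") and a handler."""
    def __init__(self, name: str, matches: Callable[[bytes], bool],
                 handle: Callable[[bytes], str]):
        self.name, self.matches, self.handle = name, matches, handle

class Monitor:
    """Owns the single listening endpoint and routes input by content, not port."""
    def __init__(self, max_peek: int = 64):
        self.services = []
        self.max_peek = max_peek  # bound how much untrusted input matchers see

    def register(self, svc: Service) -> None:
        self.services.append(svc)

    def route(self, data: bytes) -> Optional[Service]:
        head = data[: self.max_peek]
        claimed = [s for s in self.services if s.matches(head)]
        # Default deny (assumption): unclaimed input is dropped, and input
        # claimed by two daemons is refused rather than guessed at.
        return claimed[0] if len(claimed) == 1 else None

    def dispatch(self, data: bytes) -> str:
        svc = self.route(data)
        return svc.handle(data) if svc else "DROPPED"

# Constructed sample services; the matchers are deliberately strict.
HTTP_RE = re.compile(rb"^(GET|HEAD|POST) \S+ HTTP/1\.[01]\r\n")

def build_monitor() -> Monitor:
    m = Monitor()
    m.register(Service("http", lambda b: HTTP_RE.match(b) is not None,
                       lambda b: "http:" + b.split(b" ")[1].decode()))
    m.register(Service("ssh", lambda b: b.startswith(b"SSH-2.0-"),
                       lambda b: "ssh:banner"))
    return m

if __name__ == "__main__":
    mon = build_monitor()
    # Constructed inputs: an HTTP request, an SSH banner, and bytes no one claims.
    for sample in (b"GET /feed HTTP/1.1\r\nHost: x\r\n\r\n",
                   b"SSH-2.0-client\r\n", b"\x16\x03\x01\x02\x00"):
        print(mon.dispatch(sample))
```

The security of this layout rests on the matchers: one overly broad matcher makes every input ambiguous, which under the deny rule here takes all services offline rather than misrouting traffic.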


Tabmow Feb 17, 3:51am
I know it might sound scary, but say for example, how bad would it really be to allow any page to pull multiple rss feeds from other servers mixed together onto one page, using plain old javascript or an applet...

