[Adium-devl] Out of process plugins (was: Distant objects)
Ofri Wolfus
ofri.wolfus at gmail.com
Fri May 4 13:48:22 UTC 2007
I'm not sure either (not a security guy myself), but here are some
random ideas:
* Have the user enter a password for other processes to connect. The
user will then enter that password to the "other" process and if both
adium and that process agree on the password, you're authenticated.
* Have adium come with a list of authorized processes and use some
digital signature to verify the process's identity.
- Ofri
- - - - - - - - - - - - - - - - - - -
http://www.dpompa.com
- - - - - - - - - - - - - - - - - - -
On 04/05/2007, at 16:17, Joe Ranieri wrote:
>
> On May 4, 2007, at 09:07:52, Ofri Wolfus wrote:
>
>> So instead of sharing AIAdium, share a proxy to it, and before the
>> proxy will forward any messages to AIAdium, the other side must
>> authenticate with it using whatever mechanism we decide. In
>> practice, the other side sees a "locked" AIAdium that is "unlocked"
>> only once you authenticate with it. Attempts to message the proxy
>> before authenticating will just be denied and/or reported/logged to
>> the user. This way there's no need to bother the user with trusted
>> processes attempting to connect, and only untrusted attempts will
>> be reported.
>
> What's a good mechanism for authenticating (I'm not a security
> person...)?
>
> -- Joe Ranieri
>
> _______________________________________________
> Adium-devl mailing list
> Adium-devl at adiumx.com
> http://adiumx.com/mailman/listinfo/adium-devl_adiumx.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://adium.im/pipermail/devel_adium.im/attachments/20070504/380a7d9b/attachment-0001.html>
More information about the devel
mailing list