river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sim IJskes - QCG <...@qcg.nl>
Subject Re: Towards Internet Jini Services (trust)
Date Fri, 08 Oct 2010 11:54:06 GMT
On 10/08/2010 01:09 PM, Michal Kleczek wrote:
> On Friday 08 of October 2010 13:02:17 Sim IJskes - QCG wrote:
>> On 10/07/2010 09:57 PM, Michal Kleczek wrote:
>>> So...
>>> I've spent a day on some thinking and prototyping and hopefully I got an
>>> idea. Here is an outline:
>>> 1. We annotate classes with an object implementing Module interface:
>> Is it safe to say that you are basically enhancing the codebase
>> annotation pattern?
> Basically - yes.
> Although I am not sure I understand precisely your question... :)

You understood correctly. :-) (i should have said, construct, well ok).

I noticed the readAnnotation of MarshallInputStream reads an Object and 
then casts it to a String. Are we sure that this is not a possible 
vector for a deserialization attack? Personally i would have taken a 
UTF-8 String (with limited length), but if you only unmarshall Objects 
from TLS connections, that you check first, i guess its ok.

So your solution is allowing for different credentials between the TLS 
and the code source, and checking these credentials.

Is this package pluggable onto river without modifications in river?

Gr. Sim

View raw message