river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dan Creswell <dan.cresw...@gmail.com>
Subject Re: [Fwd: Re: Anonymity, Security - ProcessBuilder and Process]
Date Fri, 10 Jun 2011 15:38:20 GMT
On 8 June 2011 05:31, Peter Firmstone <jini@zeus.net.au> wrote:
> Phoenix wakes (Activates) up a Service when it's required on the server
> side.  I haven't thought of a good name for it, but unlike Phoenix, the
> concept is to perform discovery, lookup and execute smart proxy's on behalf
> of the client jvm at the client node, although I concede you could run a
> service from it also.  Reflective proxy's would be used to make smart
> proxy's appear to the client as thought they're running in the same jvm.
> Process has some peculiarities when it comes to input and output streams,
> they cannot block and thus require threads and buffers to ensure io streams
> are always drained.  Process uses streams over operating system pipes to
> communicate between the primary jvm and subprocess jvm.
> I've been toying around with some Jeri endpoints, specifically for Process
> streams and pipes, still I'm not sure if I should consider it a secure
> method of communication just because it's local.  Do you think I should
> encrypt the streams?

So you want to use pipes?

The answer to whether you want to encrypt the streams or not is down
to what kind of threat you're trying to mitigate. And the threats
possible are determined by what solution you adopt. Pipes are
basically shared memory, what kind of attacks are you worrying about
in that scenario?

> Cheers,
> Peter.

View raw message