apart from running the DRb server over SSL and with $SAFE = 1, I would
like
to add some user authentication to the process. What I was thinking, is
create a proxy object that would forward the server object if the user
and
password is right. Here is a mockup :
class AuthenticationProxy
def initialize(object, user, pass) @object, @user, @pass = object, user, pass
end
def get_server_object(user, pass)
if user == @user and pass == @pass
return @object
else
raise ‘could not authenticate’
end
end
end
This class would be used in the following context :
require ‘drb’
ap = AuthenticationProxy.new([1,2,3], ‘someuser’, ‘somepassword’)
DRb.start_service(nil, ap)
DRb.thread.join
As you see, this is very simple, but I’m wondering if this is enough.
For
example, how does the client know the reference to [1,2,3]. Could it be
guessed in some way, so that it could bypass the AuthenticationProxy ?
…
As you see, this is very simple, but I’m wondering if this is enough. For
example, how does the client know the reference to [1,2,3]. Could it be
guessed in some way, so that it could bypass the AuthenticationProxy ?
Jonas, I’m no DRb expert, but this client code can get access to the
real object without authenticating itself:
@proxy = DRbObject.new( nil, URI )
class << @proxy
undef_method :instance_variable_get
end @proxy.instance_variable_get("@object") # => [1, 2, 3]
It is necessary to undefine #instance_variable_get for the local @proxy
object, so that the message is forwarded to the AuthenticationProxy on
the server side.
apart from running the DRb server over SSL and with $SAFE = 1, I
would like
to add some user authentication to the process. What I was
thinking, is
create a proxy object that would forward the server object if the
user and
password is right.
Write a new DRbProtocol that must send user/password first.
I guess that there are other security issues