[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Emacs RPC security
|
From: |
Ted Zlatanov |
|
Subject: |
Re: Emacs RPC security |
|
Date: |
Mon, 25 Apr 2011 13:02:31 -0500 |
|
User-agent: |
Gnus/5.110016 (No Gnus v0.16) Emacs/24.0.50 (gnu/linux) |
On Mon, 25 Apr 2011 14:35:49 -0300 Stefan Monnier <address@hidden> wrote:
SM> Ted wrote:
>> 1) authentication: the server should be able to verify the client's
>> identity and the client should be able to verify the server's identity.
>> This can be accomplished with SSL certificates and GnuTLS or by signing
>> each message.
SM> Using GnuTLS for the TCP connections could be a good idea as well:
SM> patches welcome.
I will put server GnuTLS support in Emacs on my TODO list, but it will
take a while. I hope you consider it important.
>> 2) authorization: the server should be able to associate each client
>> identity with only certain functions it can invoke directly.
SM> When such a need will arise, we will think about it. In all the cases
SM> I've seen until now, the Emacs server is only used by the same user as
SM> the client, so there's not much point making the security structure
SM> so complicated, right now.
Of course, since the security is so weak right now, no one is using it
outside a limited one-user so you haven't seen any unusual cases. I
would use it personally as a remote password server so all my
auth-source data doesn't live on all the machines I use. I would also
use it to implement a remote synchronization facility for Gnus and BBDB.
Ted
- Re: Emacs RPC, (continued)
Emacs RPC security (was: Emacs RPC), Ted Zlatanov, 2011/04/25
Re: Emacs RPC, Sebastian Rose, 2011/04/26