| Subject | RE: [Firebird-Architect] Re: Strategic Replacement for Services API |
|---|---|
| Author | Claudio Valderrama C. |
| Post date | 2005-08-03T05:59:53Z |
> -----Original Message-----If I have an embedded FB, I don't want to open sockets unnecessarily.
> From: Firebird-Architect@yahoogroups.com
> [mailto:Firebird-Architect@yahoogroups.com]On Behalf Of Jim Starkey
> Sent: Viernes, 29 de Julio de 2005 11:09
>
> Jason Dodson wrote:
>
> >Wasn't there complaining about security? With a socket file, permissions
> >can be set as to who can access (connect) to it. Why not something like
> >X, where it can go over the wire, but will use a socket file if
> directed to.
> >
> I don't think it was a serious question. Every network service starts
> with a socket connection. It's up to the server to authenticate the
> client.
IB and FB are so loaded with buffer overruns that creating more avenues for
them to be exploited through unnecesary sockets waiting for connections
seems silly for me. Some people care about security. Others don't. Other
don't understand. Others don't get the idea that security is integral part
of a design, not a varnish at the end of the programming stage.
Just give the person that ships a program with embedded FB the option to not
have open sockets exposed. I think this was Roman's point. Nothing more. Of
course, a full server will have sockets waiting for connections.
C.