Next: 5.2.2.5 What authentication process Up: 5.2.2 OrbixSecurity Previous: 5.2.2.3 What DCE components

5.2.2.4 Can a user on a remote machine still run the server and call its methods if he or she changes their username on the remote machine deliberately to match the registered users list?

  
Dan Hushon (November, 1997): The Orbix documentation warns you that you should not run the daemon from the root uid, as the root on another machine will be able to control and invoke methods on the particular instance.

Dale Nagata (November, 1997): If the user Foo is allowed to invoke or launch the server Bar on host X, then any user on any remote machine Y can invoke or launch the server if Orbix thinks the user is Foo. What you do at the remote client to make Orbix think you are Foo is up to you, whether you actually log in with that id, use a filter, or whatever.
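The following is an added illustration, not part of the original answers and not Orbix code: it models an access check that trusts the username a client reports, next to one that also requires proof of a per-user key. The ACL contents, key table, function names and the HMAC challenge scheme are all assumptions made for this example.

```python
import hashlib
import hmac
import os

# Constructed sample data: server name -> users allowed to launch/invoke it.
LAUNCH_ACL = {"Bar": {"Foo"}}
# Constructed per-user keys, held only by the server and the genuine user.
USER_KEYS = {"Foo": b"constructed-demo-key-for-Foo"}


def allow_by_claimed_name(server, claimed_user):
    """Name-only check: the decision rests on a string the client supplies."""
    return claimed_user in LAUNCH_ACL.get(server, set())


def sign_request(user_key, server, user, nonce):
    """Client side: bind server, user and the server-issued nonce to the key."""
    parts = [server.encode(), user.encode(), nonce]
    # Length-prefix each field so field boundaries cannot be shifted.
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(user_key, msg, hashlib.sha256).digest()


def allow_by_proof(server, claimed_user, nonce, tag, seen_nonces):
    """ACL check that also demands a valid, unused proof for the claimed name."""
    key = USER_KEYS.get(claimed_user)
    if key is None or nonce in seen_nonces:
        return False  # unknown principal, or a replayed challenge
    expected = sign_request(key, server, claimed_user, nonce)
    if not hmac.compare_digest(expected, tag):
        return False  # the name matches the ACL, but the proof does not
    seen_nonces.add(nonce)
    return claimed_user in LAUNCH_ACL.get(server, set())


def demo():
    seen = set()
    nonce = os.urandom(16)  # challenge issued by the server
    # Host Y reports the name "Foo" but does not hold Foo's key.
    renamed = sign_request(b"key-held-on-host-Y", "Bar", "Foo", nonce)
    genuine = sign_request(USER_KEYS["Foo"], "Bar", "Foo", nonce)
    return (
        allow_by_claimed_name("Bar", "Foo"),                 # name alone passes
        allow_by_proof("Bar", "Foo", nonce, renamed, seen),  # rejected
        allow_by_proof("Bar", "Foo", nonce, genuine, seen),  # accepted
        allow_by_proof("Bar", "Foo", nonce, genuine, seen),  # replay rejected
    )


if __name__ == "__main__":
    print(demo())
```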

