On Sep 12, 2005, at 11:26 AM, Frank Millman wrote: > If I move all the authentication and business logic to a program which > runs on the server, it is up to the system administrator to ensure that > only authorised people have read/write/execute privileges on that > program. Clients will have no privileges, not even execute. They will > have their own client program, which has to connect to my server > program, and communicate with it in predefined ways. I *think* that in > this way I can ensure that they cannot do anything outside the bounds > of what I allow them.
I think you have no choice but to do this. Even if you package up the program in an unmodifiable form, a competent user with a packet sniffer or even standard OS utilities can determine where you are connecting and bypass your security/logic. Only if the logic is implemented at a point beyond the user's reach can you be ensured of logic integrity. -Michael -- http://mail.python.org/mailman/listinfo/python-list
