Yeah, I can see the risk in that. I'm using the secure functions of Rugby now, but I also wanted to track IPs so that within a session, a user doesn't show up on multiple IP addresses.
Matt ---------------------------------------------------------------- Pretending your somebody else's ip address. Using Ip addresses is very waek, security-wise. --Maarten >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of >Matt MacDonald >Sent: maandag 3 november 2003 21:53 >To: [EMAIL PROTECTED] >Subject: [REBOL] Re: Rugby Question > > >What do you mean spoofing? >---------------------------------------------- >Hi Matt, > > >Sorry, I had to put this problem aside for a minute. Ok Maarten, I > >followed > >your advise to keep a running list of the server ports when I connect >to > >them, that makes sense, but I'm still not following how the server can > >keep > >track of the clients. Basically I need to do this on the server: > > > >alive: does > >[ > > client-IP: {get client IP and port from Rugby?} > >] > > > >or something like that so that and then serve that function. This way >the > >client can call that function periodically to let the server know that >it > >is > >still running. I need to have the IP for security reasons so I can >make > >sure that the client is coming from the same address every time. If >you > >need any more specifics, let me know. Some code would really help. > >You cannot get the client IP directly in Rugby. The ports are stored in >the i/o engine (port-q and object-q), but you cannot see that when a >function is invoked (you don't see what client is calling). > >You restrict access to a set of functions using the /restirct >refinement, but I doubt that is what you want. Perhaps a simple >private/public key scheme works best here. With all the spoofing going >on that is a better idea anyway. > >--Maarten _________________________________________________________________ Crave some Miles Davis or Grateful Dead? Your old favorites are always playing on MSN Radio Plus. Trial month free! http://join.msn.com/?page=offers/premiumradio -- To unsubscribe from this list, just send an email to [EMAIL PROTECTED] with unsubscribe as the subject.
