[Psi-devel] Re: Re: Re: Re: Re: Remote Controlling Psi
Remko Troncon
remko.troncon at cs.kuleuven.ac.be
Tue Jan 4 13:49:17 PST 2005
> Are ad-hoc commands always a two-step process (fetch form, submit form) ?
Not always, but that doesn't matter, if you need an extra step in your
specific command, you just introduce an extra step.
> If so, then all you need is for the command server to supply a random id in
> the form. When the client submits the command request, just include the id.
> This is how replay attacks are solved in all "live" protocols.
This still doesn't save you from an evil admin, who waits for a client
to issue an ad-hoc command, and reroutes a reply on the message
(containing sensitive information, namely the file or a file listing or
whatever) to himself.
The main problem in this very special case is that the sensitive
information is coming in a reply, and so the admin can reroute this
information to himself. I don't see another solution than to encrypt the
information, to make sure that no one but the initial requester can do
something with it.
Note that this situation (where sensitive information is coming back) is a
very special situation of an ad-hoc commands which normally doesn't
occur.
cheers,
Remko
More information about the Psi-devel-affinix.com
mailing list