Latest Uploads
Invasion V ... tup screen

rychan

image-07-1 ... -20-59.jpg

Jayenkai

PixeLink - ... oween 2014

rockford

PixeLink P ... zle Editor

rockford

PixeLink

rockford

image-21-0 ... -21-29.jpg

Jayenkai

Forum Home

Open and secure?

UserMessage
Posted : Saturday, 25 February 2012, 04:01 | Permalink
Afr0


WW Entries : 3
Lately I've been working on a patching system for Project Dollhouse.
The system is awesome and works great, but last night I realized it has a gaping flaw - security.
The thing is, I want Project Dollhouse to remain 100% open source, and I am not willing to make any compromises there.
I want people to be able to run their own servers. But as of right now, there is no stopping people from leaking off each other's bandwidth.
Scenario:

Person A runs his own server, but is too cheap to provide a webserver for patching.
Person B runs his own server, including a webserver that hosts patches.
Person A directs PDPatcher to download patches from person B's server. This can be done either through a recompile or through a *.ini file.

Does anyone have any ideas to prevent this scenario?
My patch scripts can be found here.

Edit: I realize that providing patches, per definision, is a pretty open service that should and could neccessarily be accessed by anyone, but I'd just like some kind of insurance against systematic leaking, if possible...

-----
Afr0 Games

Project Dollhouse on Github - Please fork!
Homepage : http://www.afr0games.com
Posted : Saturday, 25 February 2012, 04:22 | Permalink | Mark Here
Afr0


WW Entries : 3
Oh!
I just realized I can instruct people to change 'patch.php' so that instead of accepting a URL of "?Version", it'll accept an entirely different URL.
That would also involve recompiling PDPatcher... I think I'll have to change the license, because the Mozilla License requires you to release any source modifications under the Mozilla License free of charge.

-----
Afr0 Games

Project Dollhouse on Github - Please fork!
Homepage : http://www.afr0games.com
Latest Posts
Drip Drip Drip
zzoom Wed 15:37
Advent Calendars 2014
Jayenkai Wed 04:16
Jay's New Lumia 1020
Jayenkai Wed 04:14
Foodless
Jayenkai Wed 03:30
PlayMyTunes
9572AD Wed 02:17
Sydney : Lindt
rockford Wed 01:40
Santa's Paws
rockford Tue 14:28
Cold Neck = Sore Neck
Jayenkai Tue 14:19
WorthNESs
Afr0 Tue 11:51
Atari Destroy! RAWR!!!
steve_ancell Mon 14:14
More

Latest Items
Showcase : GPS Fun Runner 3D
zzoom Wed 15:35
Showcase : Santa's Workout 2
Jayenkai Wed 08:10
Showcase : The Biggest Snowman
rychan Mon 01:06
News : Newsletter #243
Dabz Thu 03:29
Dev-Diary : Scaling Back
rychan Wed 14:33
Showcase : Alpha Collexion
rychan Wed 06:23
Life : Health Update
rockford Thu 12:41
Blog : Powerball Hack
steve_ancell Tue 18:47
Hols : Advent Calendars
rychan Wed 04:56
Life : MIA until better
Jayenkai Mon 07:03
News : Newsletter #241
steve_ancell Thu 20:46
Snippet : Monkey Framework - HTML Layout
steve_ancell Thu 08:35
Woot : Update on hand issues
rychan Fri 10:00
News : Newsletter #240
steve_ancell Fri 05:29
:
Wed 17:00
More

Who's Online
spinal
Thu, at 02:24
steve_ancell
Thu, at 01:58
rockford
Thu, at 00:51
9572AD
Wed, at 23:47
Jayenkai
Wed, at 21:18
blanko1324
Wed, at 19:20
zzoom
Wed, at 15:37
shroom_monk
Wed, at 15:10
rychan
Wed, at 15:09
magicman
Wed, at 14:06
Link to this page
Site : Jayenkai 2006-Infinity | MudChat's origins, BBCode's former life, Image Scaler.