Latest Uploads
PixeLink - ... oween 2014

rockford

PixeLink P ... zle Editor

rockford

PixeLink

rockford

image-21-0 ... -21-29.jpg

Jayenkai

image-15-0 ... -19-40.jpg

Jayenkai

image-15-0 ... -20-07.jpg

Jayenkai

Forum Home

Open and secure?

UserMessage
Posted : Saturday, 25 February 2012, 04:01 | Permalink
Afr0


WW Entries : 3
Lately I've been working on a patching system for Project Dollhouse.
The system is awesome and works great, but last night I realized it has a gaping flaw - security.
The thing is, I want Project Dollhouse to remain 100% open source, and I am not willing to make any compromises there.
I want people to be able to run their own servers. But as of right now, there is no stopping people from leaking off each other's bandwidth.
Scenario:

Person A runs his own server, but is too cheap to provide a webserver for patching.
Person B runs his own server, including a webserver that hosts patches.
Person A directs PDPatcher to download patches from person B's server. This can be done either through a recompile or through a *.ini file.

Does anyone have any ideas to prevent this scenario?
My patch scripts can be found here.

Edit: I realize that providing patches, per definision, is a pretty open service that should and could neccessarily be accessed by anyone, but I'd just like some kind of insurance against systematic leaking, if possible...

-----
Afr0 Games

Project Dollhouse on Github - Please fork!
Homepage : http://www.afr0games.com
Posted : Saturday, 25 February 2012, 04:22 | Permalink | Mark Here
Afr0


WW Entries : 3
Oh!
I just realized I can instruct people to change 'patch.php' so that instead of accepting a URL of "?Version", it'll accept an entirely different URL.
That would also involve recompiling PDPatcher... I think I'll have to change the license, because the Mozilla License requires you to release any source modifications under the Mozilla License free of charge.

-----
Afr0 Games

Project Dollhouse on Github - Please fork!
Homepage : http://www.afr0games.com
Latest Posts
Shoutbox Topic - 550
Kuron Fri 19:06
Three New Retro Consoles Out
rockford Fri 15:50
Tim Cook Comes Out
dna Fri 14:11
RIP : Jay's Nan
Jayenkai Fri 12:18
Little Lever News
Kuron Fri 05:12
Scary Music
rychan Fri 03:21
Happy Birthday MagicMan
Kuron Fri 02:35
SoCoder Feature Request
Kuron Fri 00:34
Happy Halloween from Kuron
Kuron Thu 22:45
Happy Halloween
Kuron Thu 19:24
More

Latest Items
News : Newsletter #241
steve_ancell Thu 20:46
Snippet : Monkey Framework - HTML Layout
steve_ancell Thu 08:35
Woot : Update on hand issues
Kuron Fri 10:34
News : Newsletter #240
steve_ancell Fri 05:29
Techy : My Newest Toys
Jayenkai Sun 04:16
News : Newsletter #239
Jayenkai Sat 05:34
Showcase : Preppie!
Jayenkai Fri 13:00
Rant : I Stubbed My Toe...
steve_ancell Tue 09:47
Blog : Bedroom 2.0
Kuron Mon 18:59
Link : Message(s) from the grave
Jayenkai Tue 09:27
Blog : 20 Years Ago....
steve_ancell Mon 15:28
Life : Back Online
Kuron Tue 11:48
Showcase : Munky Blocks DX
Jayenkai Mon 07:06
Showcase : Little Nemo's Nightmare
Jayenkai Sat 04:14
News : Newsletter #234
rychan Fri 08:02
More

Who's Online
steve_ancell
Fri, at 22:06
Kuron
Fri, at 20:23
rockford
Fri, at 17:13
dna
Fri, at 16:08
rychan
Fri, at 15:14
Jayenkai
Fri, at 14:32
Erebel55
Fri, at 14:30
Krakatomato
Fri, at 13:05
HoboBen
Fri, at 11:02
shroom_monk
Fri, at 04:23
Link to this page
Site : Jayenkai 2006-Infinity | MudChat's origins, BBCode's former life, Image Scaler.