Latest Uploads
isometric test

realtime

dungeon ma ... litz basic

realtime

Crystal Ca ... een So Far

rychan

Crystal Ca ... Screen V1

rychan

Day 5 Graphic

rychan

Mutanty Mo ... Workfiles.

steve_ancell

Forum Home

Open and secure?

UserMessage
Posted : Saturday, 25 February 2012, 04:01 | Permalink
Afr0


WW Entries : 3
Lately I've been working on a patching system for Project Dollhouse.
The system is awesome and works great, but last night I realized it has a gaping flaw - security.
The thing is, I want Project Dollhouse to remain 100% open source, and I am not willing to make any compromises there.
I want people to be able to run their own servers. But as of right now, there is no stopping people from leaking off each other's bandwidth.
Scenario:

Person A runs his own server, but is too cheap to provide a webserver for patching.
Person B runs his own server, including a webserver that hosts patches.
Person A directs PDPatcher to download patches from person B's server. This can be done either through a recompile or through a *.ini file.

Does anyone have any ideas to prevent this scenario?
My patch scripts can be found here.

Edit: I realize that providing patches, per definision, is a pretty open service that should and could neccessarily be accessed by anyone, but I'd just like some kind of insurance against systematic leaking, if possible...

-----
Afr0 Games

Project Dollhouse on Github - Please fork!
Homepage : http://www.afr0games.com
Posted : Saturday, 25 February 2012, 04:22 | Permalink | Mark Here
Afr0


WW Entries : 3
Oh!
I just realized I can instruct people to change 'patch.php' so that instead of accepting a URL of "?Version", it'll accept an entirely different URL.
That would also involve recompiling PDPatcher... I think I'll have to change the license, because the Mozilla License requires you to release any source modifications under the Mozilla License free of charge.

-----
Afr0 Games

Project Dollhouse on Github - Please fork!
Homepage : http://www.afr0games.com
Latest Posts
Happy Easter
Kuron Sun 08:08
Jay gets a Wii U
Jayenkai Sun 07:14
Win7 Installing
dna Sat 13:32
A New Theme!?
Jayenkai Sat 05:30
Ramble ramble/finishing stuff
therevillsgames Fri 19:41
Mint
Dabz Fri 01:02
Joe's Storytime
spinal Thu 13:31
Rest Period
Kuron Wed 22:24
RollerCoaster Tycoon 4
rychan Wed 04:44
Password Security Safety
dna Tue 20:48
More

Latest Items
Blog : DX9Engine
caligula Fri 06:39
Blog : EmuMenu
rickdangerous Fri 04:16
Showcase : BambooBasic
Dabz Thu 18:46
Blog : FInally Some Game Dev Time
rychan Thu 15:35
Family : :c(
steve_ancell Thu 04:58
Showcase : isometric prototype
Jayenkai Thu 04:31
Showcase : dungeon maker algorithm
Jayenkai Wed 01:42
Dev-Diary : More Screens
Kuron Sat 09:01
News : Newsletter #221
Dabz Fri 10:07
Dev-Diary : Crystal Catch Development
rychan Thu 14:38
Link : Sfxr
rychan Thu 04:16
Showcase : SpringySquirrel
Jayenkai Tue 22:58
Dev-Diary : More Planning and Framework Learning
rychan Tue 17:23
Dev-Diary : Another Song
Kuron Tue 09:10
Link : Free 3D characters!
Jayenkai Mon 05:48
More

Who's Online
rychan
Sun, at 13:44
therevillsgames
Sun, at 13:09
Jayenkai
Sun, at 12:59
spinal
Sun, at 12:31
HoboBen
Sun, at 11:34
Hotshot
Sun, at 10:23
9572AD
Sun, at 08:48
shroom_monk
Sun, at 08:42
Kuron
Sun, at 08:08
rockford
Sun, at 04:54
Link to this page
Site : Jayenkai 2006-Infinity | MudChat's origins, BBCode's former life, Image Scaler.