security

[Chris Muller]

Hi Milan,

Running Magma servers naked on the net (and the required
authentication protocol implementation) is still something I would
like to see Magma do.  However, I can only accept a truly
digitally-secure solution, not a "facade" like HTTP-auth squeaksource,
squeakmap, etc.

I have an old prototype (2007!) based on KryptOn which satisfies my
security requirements, but I unfortunately found that to be truly
secure that way also involves a performance-cost.  And so this created
a dilemma for the private-network Magma projects which want to run
optimally.  So, the last state of the security project was me looking
for a way to "short-circuit" the security without.. ahem,
short-circuiting the security.

Your best option for now may be use a tunnel if you must go over public lines.

 - Chris


On Mon, Oct 24, 2011 at 12:48 PM, Milan Mimica <milan.mimica at gmail.com> wrote:
> Hello!
> I know magma deliberately omits any client authentication code, but then,
> how do I prevent anyone to connect and modify my database? Do rely on the
> firewall to not allow any connections from the outside to magma server port?
> Do I rely on magma being an obscure database?
>
>
> --
> Milan Mimica
> http://sparklet.sf.net
>
> _______________________________________________
> Magma mailing list
> Magma at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/mailman/listinfo/magma
>
>