Security on a production image
Torsten Bergmann
astares at gmx.de
Mon Aug 23 16:29:42 UTC 2004
Hi Sebastián,
when you run your server app in headless mode (for instance
running the squeak VM as an NT service) - the administrator
will not see the squeak window and is not able to manipulate
it using the standard tools. He is only able to use your web
based config applicatioon (if you provide one).
But you may want to additionally lock down the image if
someone starts the image with the VM by hand and the Squeak
window pops up.
In this case have a look for the following
package:
http://map1.squeakfoundation.org/sm/package/0c6d3bda-adbb-496a-ae84-8d4c145d14b5
This is usefull for locking down the image for UI based applications
(disabling morphic halos, ...) - you can take this as a base to build
on own customized locker.
Especially the code for disabling the Command-dot interrupts may
be usefull. But dont forget to include a backdoor for yourself.
You can write a simple login dialog which is either displayed when
you save the image or you use the #addToStartUpList:
methods to get informed about image startup. Have a look at
senders of #addToStartUpList: and #addToShutDownList: in your
image.
Typically you will send these messages in the class side #initialize
method which is called when you load a class into the image.
Also have a look at: http://minnow.cc.gatech.edu/squeak/518
Hope this helps
Bye
Torsten
--
NEU: Bis zu 10 GB Speicher für e-mails & Dateien!
1 GB bereits bei GMX FreeMail http://www.gmx.net/de/go/mail
More information about the Squeak-dev
mailing list
|