![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to naming.t CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSD / contrib / X / doc / Usenix|
Return to naming.t CVS log | Up to [CSRG BSD Unix] / 43BSD / contrib / X / doc / Usenix |
1.1 ! root 1: .SH ! 2: Resource Location and Authentication ! 3: .PP ! 4: At this time, ! 5: .UX ! 6: lacks good network authentication and resource location. ! 7: The only example of a real name server in widespread use is the ! 8: internet name server. ! 9: As ! 10: .UX ! 11: moves toward a distributed systems environment, ! 12: questions of distributed resource location become important. ! 13: X at this time does little to solve this problem, ! 14: relying on either command line arguments or an environment variable to ! 15: specify the host and display you want the application to use. ! 16: In reality, it should be closely tied to the user's name, since ! 17: the name of a machine is basically irrelevant as users often move. ! 18: X seems to highlight some issues in the future design of such servers ! 19: that may not be widely appreciated. ! 20: .PP ! 21: The model used to best describe distributed computing goes under the ! 22: name of the ``client/server'' model. ! 23: That is, a client program connects to a ``server'' which provides a service ! 24: somewhere in the network. ! 25: The additional twist is that the window system is a ``server'' in this ! 26: model, and other network services may become ``clients'' of the X server. ! 27: For example, ! 28: one can envision using services that want to interact with the user's display. ! 29: The result is that the ``name'' ! 30: of the X server must somehow propagate ! 31: through such service requests, along with whatever authentication information ! 32: may be required to connect the X server in the future. ! 33: This ``cascaded'' services problem has not been well explored. ! 34: .PP ! 35: The access control currently in X requires no authentication, but is ! 36: only adequate for workstations, and fails badly in an environment ! 37: which includes timesharing systems. ! 38: X can be told to only accept connections from a list of machines. ! 39: Unfortunately, if any of them are timesharing machines, ! 40: and you allow access from ! 41: that machine, then anyone on that machine may manipulate your display ! 42: arbitrarily. ! 43: This has the unfortunate side effect of making it trivial to ! 44: write password grabbers (across the net!) or otherwise disturb the ! 45: display if access is left open. ! 46: .PP ! 47: The ``name'' of the user's ! 48: display server also comes and goes with some frequency, ! 49: as each time you log out, any previously authenticated connection ! 50: information needs to be invalidated, so no background process from a previous ! 51: user will disturb the user's display. ! 52: It is also not uncommon that a single user may use multiple displays, ! 53: possibly on multiple machines simultaneously. ! 54: This might be common, for example, in a laboratory environment. ! 55: Interesting questions arise as to which display to use on what machine. ! 56: (For example, the user may initiate a request on a black and white display ! 57: that really works better on a color display; which display on what machine ! 58: should be used?) ! 59: We do not believe these issues, ! 60: in particular the transient and cascading nature of such display services and ! 61: authentication information, ! 62: have been properly taken into account in the design of resource location ! 63: and authentication ! 64: servers.
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.