Annotation of 43BSD/contrib/X/doc/Usenix/naming.t, revision 1.1.1.1

1.1       root        1: .SH
                      2: Resource Location and Authentication
                      3: .PP
                      4: At this time, 
                      5: .UX
                      6: lacks good network authentication and resource location.
                      7: The only example of a real name server in widespread use is the
                      8: internet name server.
                      9: As 
                     10: .UX
                     11: moves toward a distributed systems environment,
                     12: questions of distributed resource location become important.
                     13: X at this time does little to solve this problem,
                     14: relying on either command line arguments or an environment variable to
                     15: specify the host and display you want the application to use.
                     16: In reality, it should be closely tied to the user's name, since
                     17: the name of a machine is basically irrelevant as users often move.
                     18: X seems to highlight some issues in the future design of such servers
                     19: that may not be widely appreciated.
                     20: .PP
                     21: The model used to best describe distributed computing goes under the
                     22: name of the ``client/server'' model.
                     23: That is, a client program connects to a ``server'' which provides a service
                     24: somewhere in the network.
                     25: The additional twist is that the window system is a ``server'' in this
                     26: model, and other network services may become ``clients'' of the X server.
                     27: For example,
                     28: one can envision using services that want to interact with the user's display.
                     29: The result is that the ``name'' 
                     30: of the X server must somehow propagate
                     31: through such service requests, along with whatever authentication information
                     32: may be required to connect to the X server in the future.
                     33: This ``cascaded'' services problem has not been well explored.
                     34: .PP
                     35: The access control currently in X requires no authentication, but is
                     36: only adequate for workstations, and fails badly in an environment
                     37: which includes timesharing systems.
                     38: X can be told to only accept connections from a list of machines.
                     39: Unfortunately, if any of them are timesharing machines,
                     40: and you allow access from
                     41: that machine, then anyone on that machine may manipulate your display
                     42: arbitrarily.
                     43: This has the unfortunate side effect of making it trivial to
                     44: write password grabbers (across the net!) or otherwise disturb the
                     45: display if access is left open.
                     46: .PP
                     47: The ``name'' of the user's
                     48: display server also comes and goes with some frequency,
                     49: as each time you log out, any previously authenticated connection
                     50: information needs to be invalidated, so no background process from a previous
                     51: user will disturb the user's display.
                     52: It is also not uncommon that a single user may use multiple displays,
                     53: possibly on multiple machines simultaneously.
                     54: This might be common, for example, in a laboratory environment.
                     55: Interesting questions arise as to which display to use on what machine.
                     56: (For example, the user may initiate a request on a black and white display
                     57: that really works better on a color display; which display on what machine
                     58: should be used?)
                     59: We do not believe these issues, 
                     60: in particular the transient and cascading nature of such display services and
                     61: authentication information,
                     62: have been properly taken into account in the design of resource location
                     63: and authentication
                     64: servers.
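
Added example, not part of the annotated file and not X's own code: a small model of the machine-list access control described above, next to a hypothetical per-login secret that is discarded at logout. The class names, host names, users and the token scheme are all assumptions made for illustration.

```python
import secrets

class HostListDisplay:
    """Access control as the text describes it: a list of machines."""
    def __init__(self, allowed_hosts):
        self.allowed_hosts = set(allowed_hosts)

    def accept(self, host, user, token=None):
        # Only the peer's host is consulted; the user behind the
        # connection plays no part in the decision.
        return host in self.allowed_hosts

class SessionTokenDisplay:
    """Hypothetical alternative: a secret issued per login session."""
    def __init__(self):
        self._token = None

    def login(self):
        self._token = secrets.token_hex(16)
        return self._token

    def logout(self):
        # Invalidate everything handed out during the previous session.
        self._token = None

    def accept(self, host, user, token=None):
        if self._token is None or token is None:
            return False
        return secrets.compare_digest(token, self._token)

# Constructed sample connection attempts: (host, user)
ATTEMPTS = [("ws1", "alice"), ("timeshare", "alice"),
            ("timeshare", "mallory"), ("elsewhere", "bob")]

def accepted(display, attempts, tokens=None):
    """Return the attempts the display would let through."""
    tokens = tokens or {}
    return [(h, u) for h, u in attempts
            if display.accept(h, u, tokens.get((h, u)))]

if __name__ == "__main__":
    print(accepted(HostListDisplay({"ws1", "timeshare"}), ATTEMPTS))
    disp = SessionTokenDisplay()
    tok = disp.login()
    mine = {("ws1", "alice"): tok, ("timeshare", "alice"): tok}
    print(accepted(disp, ATTEMPTS, mine))   # only alice's clients
    disp.logout()
    print(accepted(disp, ATTEMPTS, mine))   # stale clients refused
```

In the token model the secret has to travel with the display name through every cascaded service request, which is the propagation problem the text raises.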
