[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re[2]: security model



Hi,

TS> The route table is shared amongst all the protocols/applications so we
TS> can't really allow untrusted code to have access to such a resource.
If I am administrator, I may want to know the routes of each node,
even evolve the networking protocols(including routing protocol) and
services. If all the downloaded codes are untrusted, these missions
cannt be done by administrator.

TS> Downloaded code will always be run under the RemoteUser principal since
TS> its hard to trust, however, an application can start up a protocol with a
TS> different principal.  Simply create an application that calls
TS> Node.register() with the appropriate Principal object.
I know this and I can get it through application.But I still hope I
can do it through capsule. Can the capsule have two level principals
that are RemoteUser and AdminUser?

TS> tim stack

Another question, I use policy in the configure script.
 node 12.12.12.2 -policy policy.ser
But I got exception.
Exception in PrimordialNode startup: ants.core.security.Principal; Local class not compatible: stream classdes
c serialVersionUID=3520738931194926909 local class serialVersionUID=3300960494289033756
java.io.InvalidClassException: ants.core.security.Principal; Local class not compatible: stream classdesc seri
alVersionUID=3520738931194926909 local class serialVersionUID=3300960494289033756
        at java.io.ObjectStreamClass.validateLocalClass(ObjectStreamClass.java:523)
        at java.io.ObjectStreamClass.setClass(ObjectStreamClass.java:567)
        at java.io.ObjectInputStream.inputClassDescriptor(ObjectInputStream.java:936)
        at java.io.ObjectInputStream.readObject(ObjectInputStream.java:366)
        at java.io.ObjectInputStream.readObject(ObjectInputStream.java:236)
        at java.io.ObjectInputStream.inputObject(ObjectInputStream.java:1186)
        at java.io.ObjectInputStream.readObject(ObjectInputStream.java:386)
        at java.io.ObjectInputStream.readObject(ObjectInputStream.java:236)
        at java.util.Hashtable.readObject(Hashtable.java:791)
        at java.lang.reflect.Method.invoke(Native Method)
        at java.io.ObjectInputStream.invokeObjectReader(ObjectInputStream.java:2213)
        at java.io.ObjectInputStream.inputObject(ObjectInputStream.java:1410)
        at java.io.ObjectInputStream.readObject(ObjectInputStream.java:386)
        at java.io.ObjectInputStream.inputClassFields(ObjectInputStream.java:2262)
        at java.io.ObjectInputStream.defaultReadObject(ObjectInputStream.java:519)
        at java.io.ObjectInputStream.inputObject(ObjectInputStream.java:1411)
        at java.io.ObjectInputStream.readObject(ObjectInputStream.java:386)
        at java.io.ObjectInputStream.readObject(ObjectInputStream.java:236)
        at ants.core.security.ReferenceMonitor.loadFromFile(ReferenceMonitor.java:82)
        at ants.core.security.ReferenceMonitor.loadPolicy(ReferenceMonitor.java:74)
        at ants.core.PrimordialNode.start(PrimordialNode.java:335)
        at ants.core.ConfigurationManager.run(ConfigurationManager.java:386)
        at edu.utah.janos.nodeos.FlowInitializer.startInitialClass(FlowInitializer.java:103)
        at edu.utah.janos.nodeos.FlowInitializer.run(FlowInitializer.java:74)
        at edu.utah.janos.nodeos.pj_Thread$ThreadWrapper.run(pj_Thread.java:77)

-- 
Best regards,
 Rui 






[ Janos ] [ OSKit ] [ Network Testbed ] [ Flick ] [ Fluke ]
Flux Research Group / Department of Computer Science / University of Utah