[Coldstuff] Secure Client/Server ideas?
Joerg Weber
coldstuff@cold.org
Tue, 15 Jan 2002 14:33:21 +0100 (CET)
Hello all,
I realize this is the least appropriate forum to ask this, but IF I
should happen to win the lottery this, or maybe next week, I'll dig out my
nifty core again and do all these cool things with cold I always wanted
to. Heh.
Anyways. Part of my changes to the ColdCore was a web-interface which is
used for RPing. Like a complete substitute for the 'normal' login
interface.
Since that's available, I wanted to add some spiffy java applets or
jscript etc. for some things to interact with the user. But, I'd like that
to be somewhat secure. I therefore try to think of concepts about how to
run code on an untrusted machine. I know that's the question of life, the
universe and everything, but maybe someone has a smart idea? Like, passing
a magic session ID to the applet which is used to obfuscate the return
values it sends to the server (to stop someone doing this by hand,
supplzying desired results)?
If someone has some ideas, I'd be happy to hear them. Just keep in mind
please that this is in the ideas-stage, I'm afraid I won't have too much
time in the forseeable future to work things out. Unless I win the damn
lottery, of course :)
Cheers,
Joerg