As things currently are set up, if we enable external connections (chimera
-H ip.address.goes.here), anyone who wants to (and has a copy of chimera)
could connect and request that chimera do stuff.
Before I could, recommend this system for production use, we must implement
some sort of access control. At the least, we should support IP-based
security (eg: prevent unknown subnets) and passphrase access (shared
secret). This can be done by creating a custom validator as notated on in
the pyro documentation: http://pyro.sourceforge.net/manual/9-security.html
Original issue reported on code.google.com by laughing...@gmail.com on 17 Jul 2008 at 2:14
Original issue reported on code.google.com by
laughing...@gmail.comon 17 Jul 2008 at 2:14