Hi,
this is not really Python-specific but I need it for Python.
I'm wanting a method for interprocess communication which is OS-
independent (sockets would be the normal way to go), but which works if
multiple users use the machine at the same time so that one user has no
access to the communication of programs of another user.
Normally any user could connect to an open socket on a machine
regardless which user established the socket (the user's program, to be
precise). This should be prevented.
I could solve this with an additional login when connecting to socket
but this would be uncomfortable for the user.
Any hints?
TIA
Michael
--
Homepage: http://www.mbutscher.de/ 7  2053 
Michael Butscher wrote: I'm wanting a method for interprocess communication which is OS-
independent (sockets would be the normal way to go), but which works if
multiple users use the machine at the same time so that one user has no
access to the communication of programs of another user.
Any hints?
The conventional solution is to use environment variables or well-known
temporary files for that. For example, the file could look like this
port=45413
cookie=9f563aeb 2e5639cf574
Put the file into a per-user location, and hope that this "good enough"
to separate users. If access control is a must, you need
platform-specific code to deny read access to the file to anybody
but the user.
Alternatively, put the port number and the cookie into an environment
variable, e.g.
FOO_PORT=45413: 9f563aeb2e5639c f574
This is technically better protected (practically, environment
variables might easier leak, e.g. when somebody types "env").
However, this works well only if you manage to set this up
for the entire user session, else you have to ask the user to
manually duplicate the environment variable in all shells
he cares about.
In case this isn't clear yet: the cookie should then be used
for authentication. Only trusted clients would know the right
cookie.
Regards,
Martin
In article <44************ ***********@new sread4.arcor-online.net>,
Michael Butscher <mb*******@gmx. de> wrote: Normally any user could connect to an open socket on a machine
regardless which user established the socket (the user's program, to be
precise).
That's not true. On *nix systems, a socket is a file, and is subject to
the usual file ownership and protection mechanisms.
In article <ld************ ***********@lus t.ihug.co.nz>,
Lawrence D'Oliveiro <ld*@geek-central.gen.new _zealand> writes:
|> In article <44************ ***********@new sread4.arcor-online.net>,
|> Michael Butscher <mb*******@gmx. de> wrote:
|>
|> >Normally any user could connect to an open socket on a machine
|> >regardless which user established the socket (the user's program, to be
|> >precise).
|>
|> That's not true. On *nix systems, a socket is a file, and is subject to
|> the usual file ownership and protection mechanisms.
I am afraid that BOTH answers are badly wrong!
Sockets are often accessed via special files, but are not files.
They may also be accessed by port numbers, for example.
Secondly, even when they are accessed via files, FIFOs generally
do NOT use the usual file ownership and protection mechanisms to
control access. Blame Berkeley for that :-( It is normal for the
actual file ownership and permissions to be ignored, and a similar
set (hidden internally) to be used. You are right that there is
almost always such control.
While any user can attempt to open any socket accessed by port
number, the rules for when it is permitted are complicated to a
degree, and depend on the system, configuration and program that
is listening on that port.
Regards,
Nick Maclaren.
In article <44************ ***********@new sread4.arcor-online.net>,
Michael Butscher <mb*******@gmx. de> writes:
|>
|> this is not really Python-specific but I need it for Python.
|>
|> I'm wanting a method for interprocess communication which is OS-
|> independent (sockets would be the normal way to go), but which works if
|> multiple users use the machine at the same time so that one user has no
|> access to the communication of programs of another user.
You're onto a complete loser if you really mean that. But you are
probably meaning Unix-like systems (including Microsoft ones), and
excluding the systems that are not based on or largely cloned from
Unix. You should look at the POSIX facilities, but don't rely on
them without checking.
Also think very carefully whether you want to separate by user or
job - the latter is trickier under Unix.
Regards,
Nick Maclaren.
In article <e8**********@g emini.csx.cam.a c.uk>, nm**@cus.cam.ac .uk (Nick Maclaren) wrote: In article <ld************ ***********@lus t.ihug.co.nz>,
Lawrence D'Oliveiro <ld*@geek-central.gen.new _zealand> writes:
|> In article <44************ ***********@new sread4.arcor-online.net>,
|> Michael Butscher <mb*******@gmx. de> wrote:
|>
|> >Normally any user could connect to an open socket on a machine
|> >regardless which user established the socket (the user's program, to be
|> >precise).
|>
|> That's not true. On *nix systems, a socket is a file, and is subject to
|> the usual file ownership and protection mechanisms.
I am afraid that BOTH answers are badly wrong!
Sockets are often accessed via special files, but are not files.
They are files. They are not _regular_ files.
They may also be accessed by port numbers, for example.
UNIX sockets have no ports.
Secondly, even when they are accessed via files, FIFOs generally
do NOT use the usual file ownership and protection mechanisms to
control access.
I wasn't talking about FIFOs. Even if I was, they _are_ still subject to
regular file permissions (on Linux, at least).
While any user can attempt to open any socket accessed by port
number...
UNIX sockets have no ports.
In article <ld************ ***********@lus t.ihug.co.nz>,
Lawrence D'Oliveiro <ld*@geek-central.gen.new _zealand> writes:
|> >
|> >Sockets are often accessed via special files, but are not files.
|>
|> They are files. They are not _regular_ files.
Sigh. Firstly, look at something like: http://www.opengroup.org/onlinepubs/009695399/toc.htm
Start at the entry 'socket' and work from there.
Yes, I know about UNIX-domain sockets, but even when they give the
appearance of being files, 90% of the time that is the API only,
and the underlying facility is very different. Dammit, processes
are not files just because they happen to have a /proc entry under
many systems!
|> >They may also be accessed by port numbers, for example.
|>
|> UNIX sockets have no ports.
You mean "UNIX-domain", not "UNIX". So? Many sockets do. Internet-
domain ones always do.
|> I wasn't talking about FIFOs. Even if I was, they _are_ still subject to
|> regular file permissions (on Linux, at least).
They aren't on most Unices - Linux is not UNIX, you know :-)
I shall not respond further on this.
Regards,
Nick Maclaren.
In article <e8**********@g emini.csx.cam.a c.uk>, nm**@cus.cam.ac .uk (Nick Maclaren) wrote: In article <ld************ ***********@lus t.ihug.co.nz>,
Lawrence D'Oliveiro <ld*@geek-central.gen.new _zealand> writes:
|> >
|> >Sockets are often accessed via special files, but are not files.
|>
|> They are files. They are not _regular_ files.
Yes, I know about UNIX-domain sockets, but even when they give the
appearance of being files, 90% of the time that is the API only,
and the underlying facility is very different.
Irrelevant. The userland API requires accessing a file, which is subject
to standard *nix file ownerships and protections.
Dammit, processes
are not files just because they happen to have a /proc entry under
many systems!
They are files. They have all the semantics of files. Under Linux they
are in fact directories, but those are still files.
They are not files with blocks allocated on some physical disk
partition, but that doesn't make them any the less files.
|> I wasn't talking about FIFOs. Even if I was, they _are_ still subject to
|> regular file permissions (on Linux, at least).
They aren't on most Unices - Linux is not UNIX, you know :-)
I'm not aware of any *nix system worthy of the name where they are not.
The "everything-is-a-file" concept is deeply ingrained into the whole
*nix philosophy.
I shall not respond further on this.
One can hope... This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Ayende Rahien |
last post by:
Is it possible to use events as a communication mechanism between threads?
|
by: alotcode |
last post by:
Hello:
What is 'interprocess subclassing'? To give more context, I am writing
in reference to the following remark: With the advent of the Microsoft
Win32 API, interprocess subclassing was discouraged and made it a bit
harder to code
(http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwebgen/html/bho.asp)
Thank you for your help.
|
by: Tamir Khason |
last post by:
What is the preferred way to exchange data between processes?
Example:
I have 2 applications (C#)
1) WinForms (A)
2) Command Line (B)
Both od them use DataLayer (class library) C
A calls to run B (via exec)
B loads data into C
A reads data from C
|
by: guy |
last post by:
In the past I've used sockets in C++ to allow apps to communicate with each
other over a local network. Is there anything better/more advanced in .NET
or should I continue to use sockets and the .NET Socket class under C#?
The (mini) project that I'm about to start will receive stream live data
(stock market prices) and reformat that data and perform some calculations
on it before disseminating it to client applications on the local...
|
by: ribaud |
last post by:
Hi all,
i am working on a communication method between two apps.
the first app is a pure c++ project, potentially usable on windows and linux.
the second app will be a dotnet app using winforms. it will give orders to the first app. winforms are used to make a good looking and simple interface for third party users.
The communication method must be usable on linux in order to create a third app which could also run on linux. (maybe using...
| | |
by: WTH |
last post by:
with a C# client (and/or server, but server not important)?
I've got a scalable high speed (uses completion ports) C++ TCP/IP
communication server but I'd like to write a C# client that other C# devs at
our company can just drop in and use (it's an event and message passing
system.)
I'm sure, as most things C#/.Net, it's relatively simple, but if I can
discover some caveats the easy way rather than the hard way I'm always up
for that...
|
by: James Aguilar |
last post by:
Oh wise readers of comp.lang.python,
Lend a newbie your ears. I have read several old articles from this
group about memory mapping and interprocess communication and have
Googled the sh** out of the internet, but have not found sufficient to
answer my questions.
Suppose that I am writing a ray tracer in Python. Well, perhaps not a
ray tracer. Suppose that I am writing a ray tracer that has to update
sixty times a second (Ignore...
|
by: batista |
last post by:
Hello all,
I need suggestions and possibly solutions to the problem stated below:
I have an application written purely in .NET ( Windows Form
Application) and another application that is supposed to be written in
MFC(Visual C++) or Win32 GUI Application. The problem is to communicate
data between the two applications.
for example,
|
by: Murali |
last post by:
Hi Python Gurus,
I am writing a GUI app (on linux) using pygtk which would launch some
external applications and display their stdout and stderr inside the
output window of my application synchronously. I am using the
subprocess module's Popen to launch the external programs and to
capture their stdout and stderr. The problem is that, for some
external programs that I launch inside my interface, I am not able to
capture and display the...
|
by: Murali |
last post by:
Hi Python Gurus,
I am writing a GUI app (on linux) using pygtk which would launch some
external applications and display their stdout and stderr inside the
output window of my application synchronously. I am using the
subprocess module's Popen to launch the external programs and to
capture their stdout and stderr. The problem is that, for some
external programs that I launch inside my interface, I am not able to
capture and display the...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
