[omniORB] how to enforce local objects
Renzo Tomaselli
renzo.tomaselli@tecnotp.it
Thu, 26 Jul 2001 18:37:02 +0200
Hi all,
assume one wants to deploy a component suite where the CORBA model
(starting from IDL design) is strictly followed even for purely local
components as opposite to plain C++ library design.
This offers several maintenance advantages in terms of handling complex
datatypes, memory allocation rules and ready plugin into an existing
framework.
However for security reasons local (e.i. colocated) components should not be
visible outside of owning process (e.i. think about a cryptographic support
component).
Can anyone suggest an OmniORB 3.4 way for achieving this constraint ? With
2.8 it was pretty simple (e.g. quick and dirty) because of Object_ptr and
Object * identity: just avoiding to call object_is_ready() was enough while
the virtual table did the rest.
I know some internal trick could be applied to ensure that the caller
belongs to the same address space, but I wonder whether there is any more
official way to enforce such locality constraint so that no external hacker
can explore a "local" POA object table.
Any idea ? Thanks,
Renzo Tomaselli
---------------------------------------------------------------------------
TecnoTP s.n.c. Special Information System Design
Maso Pelauchi I38050 Ronchi Valsugana, Trento TN ITALY
Tel. +39 0461 773164 Fax. +39 0461 771514
e-mail: renzo.tomaselli@tecnotp.it
---------------------------------------------------------------------------