Top things to see in first ALFS

Matthias Berndt Berndt.Matthias at
Wed Feb 2 05:09:29 PST 2005

On Tue, 01 Feb 2005 19:18:03 -0700
Gerard Beekmans <gerard at> wrote:

> The server shouldn't completely "trust" what it is giving in terms of 
> shell commands. I agree that the server receives XML and the server
> itself parses it, validates against some DTD and decides to go ahead
> and run it.

I think nobody has mentioned that the server has to be stupid and trust
the client. The authentication has to be the base of trust between
client and server. I do not see any advantage in sending XML to the
server. In that case the server will need an additional library, which
isn't in LFS.

I sometimes have the feeling someone thinks XML parsed by the server is
more secrue than only sending commands. Why should be profiles be more
secure then 'simple commands'? When i can manipulate the commads send to
server i also can manipulate profiles. IMO profiles are not more or less
secure then simple commands.

Oh ... wait ... have i misunderstood something and we are talking about
an XML based client/sever communication?

The client has to parse the profile to give the user a chance of
intervention. After that you want so send the profile to the server
with some additional information about what and how to be executed and
the server has to parse the profile again. IMO sensless duplicated work.


More information about the alfs-discuss mailing list