From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.devel
Subject: Re: Emacs RPC security
Date: Mon, 02 May 2011 20:27:03 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos
Message-ID: <87zkn4efq0.fsf@lifelogs.com>
References: <m3ipu4u7bv.fsf@quimbies.gnus.org> <87d3kal0za.fsf@lifelogs.com>
	<jwvfwp6xmr0.fsf-monnier+emacs@gnu.org> <874o5mky4o.fsf@lifelogs.com>
	<m3oc3mb68s.fsf@quimbies.gnus.org> <m3bozm9j08.fsf@quimbies.gnus.org>
	<871v0hudzo.fsf@lifelogs.com> <jwvvcxsc2db.fsf-monnier+emacs@gnu.org>
	<87vcxsswox.fsf@lifelogs.com> <m3k4e8k8yd.fsf@quimbies.gnus.org>
	<87pqo0fx52.fsf@lifelogs.com> <m3ei4gip2n.fsf@quimbies.gnus.org>
	<87d3k0fuyr.fsf@lifelogs.com> <m34o5cinx6.fsf@quimbies.gnus.org>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1304386217 14360 80.91.229.12 (3 May 2011 01:30:17 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Tue, 3 May 2011 01:30:17 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Tue May 03 03:30:14 2011
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1QH4RK-0001Jc-0h
	for ged-emacs-devel@m.gmane.org; Tue, 03 May 2011 03:30:14 +0200
Original-Received: from localhost ([::1]:41748 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1QH4RJ-000327-HK
	for ged-emacs-devel@m.gmane.org; Mon, 02 May 2011 21:30:13 -0400
Original-Received: from eggs.gnu.org ([140.186.70.92]:42657)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QH4RG-000322-7E
	for emacs-devel@gnu.org; Mon, 02 May 2011 21:30:11 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QH4RB-0004QN-T7
	for emacs-devel@gnu.org; Mon, 02 May 2011 21:30:10 -0400
Original-Received: from lo.gmane.org ([80.91.229.12]:49065)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QH4RB-0004Pt-Mw
	for emacs-devel@gnu.org; Mon, 02 May 2011 21:30:05 -0400
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QH4RA-0001E3-SQ
	for emacs-devel@gnu.org; Tue, 03 May 2011 03:30:04 +0200
Original-Received: from c-67-186-102-106.hsd1.il.comcast.net ([67.186.102.106])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Tue, 03 May 2011 03:30:04 +0200
Original-Received: from tzz by c-67-186-102-106.hsd1.il.comcast.net with local (Gmexim
	0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Tue, 03 May 2011 03:30:04 +0200
X-Injected-Via-Gmane: http://gmane.org/
Original-Lines: 17
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: c-67-186-102-106.hsd1.il.comcast.net
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
	d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
	D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
User-Agent: Gnus/5.110016 (No Gnus v0.16) Emacs/24.0.50 (gnu/linux)
Cancel-Lock: sha1:gINIfjYS9JeA/dUtjqDHKGcLTC4=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: </archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:139033
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/139033>

On Tue, 03 May 2011 03:16:21 +0200 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> Ted Zlatanov <tzz@lifelogs.com> writes:
>> As I keep trying to explain, you don't know who is on the other end
>> because there is *no* authentication, or rather it's binary: you have
>> the shared secret or you don't.

LMI> Yes, it's like ssh + ssh-agent.  (Only without the encryption, of
LMI> course.  :-)

ssh+ssh-agent has a user name and can authenticate the host keys.  It
has many other feature server.el doesn't, so it's like only root SSH
access was ever allowed.  Most importantly, it has PPK authentication so
there is no shared secret passed around unless the server allows
password authentication.

Ted