Hi all,
I would like to know if I can have an application that could monitor or control which clients can communicate to the server and what limit/allow only certain messages for particular clients…I guess this is more a process manager functionality… but do you think any of these are possible outside the procnto?? If so how to go about it??
This question is a little unclear. What do you mean by “server?” A computer server, and piece of software, a web-server? If the server is your software, you can implement the controls yourself.
You can filter at will if you install a resource manager between the client and the server. However it will impact performances as every message needs to be parsed and resent.
Thank you Mario.
@Maschoen: I want to know if in the QNX message passing scenario between server(a piece of software of course) and client, if any application other than the two can filter or impose some conditions on what is passed between the two. I am trying to make a security application which would act if any application asks for some data which let us say it should not, however certain applications can have these data…The thing is the server is not our piece of software and I cannot manipulate it.
Normally such controls are implemented within the server, eg. file system ownership and access. Mario’s answer will work if you can limit access to the server by requiring the client to open an intermediary server. Otherwise you would need to hack the kernel. It’s not really clear how a kernel hack could work either unless the owner of the client process determines whether it should have access or not. But in that case you could merely control who runs the client using file system group/user bits.
Maybe if you explain a little more about how this situation arises we might have another suggestion.
In general way? The answer is no. Only kernel is involved when message passing between 2 processes.
The possible way (that Mario suggested) is to create your own “server”. In QNX, a client always reference its server with a “pathname” that the server attach to. What you can do, is write your own access control process, attach to the same “pathname”, this way, any attempt to reference the pathname, will goes to your process first.
Normally, you do access control on “connection” time (think open()), the very first time the client try to talk to server. You permit (by pass through the request to the real server) or reject the client’s request of connection. This way, there isn’t too much overhead.
If you need to check client’s permission “request by request”, then it involves your access control process act as a “proxy”, which will have much over-head.
Being said that, if the client is really smart, then it is possible for it to by pass your access control. Unless you have the control of what client could be execute on your system.
Thanks for your ideas.
I want to elaborate a bit. What about getting the pid,chid of any communicating client & server( who is communicating to whom info) and do some restrictions? Is this possible for an outside process? Is there a way I can get this from the procnto?
I will anway look into how an access control process by attaching my process to pathname…
[quote=“ninja123”]
Thanks for your ideas.
I want to elaborate a bit. What about getting the pid,chid of any communicating client & server( who is communicating to whom info) and do some restrictions? Is this possible for an outside process? Is there a way I can get this from the procnto?
]
Unless QNX has some unknown (to me) interface with the kernel, no. You would need to hack the kernel. There is a kernel trace facility that provides this type of information (who sent a message to whom) but it is only available after the fact. You can’t find out about a message real time and interfere with it.
Any documentation/help links on setting proxy server/access control process?? I dint have much succes with ‘help’ in momentics- I dint have an idea how to look it up…
I found some info on IPC proxies…but was too little to start…any help would be greatly appreciated 
As far as I know there isn’t anything about this in the documentation. Let’s take for example the serial port. You would create a resource manager that mount /dev/ser1 and then set the serial port to something else ( say /private/ser1 ).
Every request will go to your resmgr, any message that you don’t want to support for what ever reason, you just reject, if it’s ok then you pass it off to the real resmgr of the serial port.
Yes, but how to redirect requests from the proxy to the actual server? btw there is this qnx_proxy_attach() in QNX4. Would this be the choice? Or should I use the normal Msg passing functions to my proxy? Do u suggest I have this proxa acting as both a client(for my actual server) and a server for the application???
You are confusing the term proxy as used by QNX4 and TCP/IP. In QNX4 a proxy is just a message you send to another process. It has nothing to do with relaying messages like the TCP/IP proxy does. Forget all you know about TCP.
You really need to sit down and read the whole QNX6 architecture to get a bigger pictures, you are obviously trying to come up with a solution by reading bits and pieces, and that is obviously not pointing you in the right direction.
To answer you question; client application does an open("/dev/ser1") to access serial port, but /dev/ser1 is not the real serial driver its your filter application ( I wont use the term proxy to reduce confusion). The filter application received the open request and then decides if it`s ok or not depending on your own criteria. If the criteria fits, then the filter application makes the open("/private/ser1") on behalf of the client. Obviously the filter application needs to know that /dev/ser1 maps to /private/ser1.
Yes, I got confused with TCP/IP proxy… Thanks Mario.
Is there a way to allow just one client[which is the proxy/filter application) to be authenticated to the resmgr? There are options like read/write only and group, owner setting changes. I want this resmgr/server to be ‘visible’ only to proxy…or let us say, any write or read by any application other than proxy should be prohibited…
Mario, you have mentiioned:
To answer you question; client application does an open("/dev/ser1") to access serial port, but /dev/ser1 is not the real serial driver its your filter application ( I wont use the term proxy to reduce confusion). The filter application received the open request and then decides if it`s ok or not depending on your own criteria. If the criteria fits, then the filter application makes the open("/private/ser1") on behalf of the client. Obviously the filter application needs to know that /dev/ser1 maps to /private/ser1
But how do I do this?