tromnek opened this issue on Sep 14, 2005 ยท 17 posts
tromnek posted Wed, 14 September 2005 at 9:52 AM
Attached Link: http://www.mort.net/users/krm/dist/poser/prpc/dev/prpcd134b08.zip
I'm working on extending my server daemon to allow the saving of poser content to be initiated from external windows applications (library managers/viewers).I have a new beta (see attached link) and I'm looking for feedback.
For those of you who don't know this project here's the url with a description.
http://www.mort.net/users/krm/dist/poser/prpc
I'm having a major problem saving Material Collections thru the poser-python method 'SaveMaterialCollection'.
It doesn't seem to create a file and I don't get any errors from the method. Any ideas?
tromnek posted Wed, 14 September 2005 at 10:10 AM
(forgot to mention) The new behavior of the server daemon is: If a path sent to the server daemon is a file, then loading of content is assumed. If a path sent to the server daemon is a directory, then saving of content is assumed.
cyberchrome posted Sat, 12 November 2005 at 6:41 AM
great great .. i begin to play with, but the idea is great...
tromnek posted Sun, 13 November 2005 at 9:10 AM
Attached Link: http://www.mort.net/users/krm/dist/poser/prpc/dev/prpcd134b20.zip
Has the latest beta. There are a number of limitations in saving content with the poser python methods supplied by CL. Can't save Material Collections. Can't save Props as Hair. Can't save Prop as 'parented/smart prop'. Can't select subset of combined figures to save. Can't select subset of animation frames to save. Only saves uncompressed (.pz3) scenes.
gezinorgiva posted Sun, 13 November 2005 at 10:09 AM
This work together with the Advanced Library and P3DO is turning tiresome work into something almost a pleasure; thank you very much and keep it up. Sorry if this is a little off topic but I just wanted to say thank you somewhere public.
tromnek posted Sun, 13 November 2005 at 11:31 AM
Attached Link: http://www.mort.net/users/krm/dist/poser/prpc/dev/posefilter134b20.zip
You might want to check out this client module. It allows you to filter pose files to selected body parts. Run this python script while the prpcd server is running and it will add this module to the server. Enable the module and select some body parts to see how it works.
foleypro posted Wed, 16 November 2005 at 12:37 AM
Ohhh but doesnt this open the computer up to pnp networks or do you have built in firewall,If you enable saving to a server outside your network you open up all sorts of Problems...Can we encrypt the script...?
tromnek posted Wed, 16 November 2005 at 8:13 AM
Attached Link: http://www.mort.net/users/krm/dist/poser/prpc/
Take a look at my web page (see attached link) for the security note towards the bottom of the page. The default operation listens on the loopback interface (lo) and will only accept connection from lo. Loading and saving content can only be done with locations mapped to a drive letter. This is a requirement of the load and save python methods that are supplied with Poser. Thus, if you map a drive letter to an outside network (for saving or loading), then the security risk has already been created. What do you mean by 'encrypt the script'? I should probably provide an MD5 digest of the script so that people have a minimum check for authenticity. I think most (or all) of the security risks would be associated with a virus or worm infecting your local machine. That virus or worm could use the script (if it's running) for it's own designs. However, in truth, why would it bother going thru this script (on the off chance that it's running) if it's already got your machine and is able to much more on it's own.
tromnek posted Wed, 23 November 2005 at 9:33 PM
Attached Link: http://www.renderosity.com/messages.ez?Form.ShowMessage=2482173
I release the latest version along with a new web site for the project. See the attached link for details.thanks
foleypro posted Wed, 23 November 2005 at 10:23 PM
Can you Encript the Script to stop un authorized use outside the network...Say you have an embedded Nasty that links your Network to theirs...Can you Encript the script to Lock out unauthorised use...? Might be a great selling Point to Poser users.
tromnek posted Wed, 23 November 2005 at 11:18 PM
It is firewalled against ALL networks (even your local network). The loopback interface (127.0.0.1) cannot accept or send anything outside of the local machine.
foleypro posted Thu, 24 November 2005 at 1:21 AM
Unless one is hooked to the internet.
foleypro posted Thu, 24 November 2005 at 1:28 AM
Yes exactly what you are saying. We are working on this,and after I talked to some buddies and they almost have it down and they said if we made the Program we could actually Lock out the Pirates on useing the software...How you ask....Hahahahahaha thats where we wont tell... But think and you will see...I will give you the answer after if sign an NDA...
gezinorgiva posted Thu, 24 November 2005 at 5:49 AM
I may be dense but this seems to be making a mountain out of a molehill. Does not a properly configured firewall prevent anything nasty? Assuming that someone actually got around to trying to do something nasty.
tromnek posted Thu, 24 November 2005 at 11:10 AM
(mountain out of a molehill) Maybe, but one of the philosophies of Open Source code is that potential security vulnerablities are reviewed openly. For instance, what foleypro is proposing is something I didn't worry about (given prpcd runs on lo). However, his comments make me (and everyone) think more critically about the implications of using the software. (properly configured firewal) Yes. Additionally, prpcd.py firewalls again by only accepting connection from the local computers lo interface.
foleypro posted Thu, 24 November 2005 at 11:52 AM
Yes more then likely I am...
gezinorgiva posted Fri, 25 November 2005 at 4:49 AM
You are both right, it is a good philosophy to have and I will keep it in mind for the future.