Comments on: Security http://winpdb.org Thu, 17 May 2012 22:28:07 +0000 http://wordpress.org/?v=2.7 hourly 1 By: admin http://winpdb.org/docs/security/comment-page-1/#comment-3584 admin Sat, 17 Nov 2007 06:09:35 +0000 http://winpdb.org/?page_id=14#comment-3584 See the comments on the "Launch Time" documentation page for an explanation. See the comments on the “Launch Time” documentation page for an explanation.

]]> By: paul http://winpdb.org/docs/security/comment-page-1/#comment-3569 paul Fri, 16 Nov 2007 22:05:09 +0000 http://winpdb.org/?page_id=14#comment-3569 Great, thanks! I'm trying that. But rpdb2 still tries to start a local xterm, is there some reason for that? It's really causing me grief. I think I understand why I can't forward the X port to my desktop, it has to do with screwy configuration on the remote side, but there's not much I can do about that for now. I also can't access the /dev/pts directory needed to run screen. I don't have any sense of why the local xterm is needed, if the winpdb ui is on a remote machine. Can I disable it somehow? Great, thanks! I’m trying that. But rpdb2 still tries to start a local xterm, is there some reason for that? It’s really causing me grief. I think I understand why I can’t forward the X port to my desktop, it has to do with screwy configuration on the remote side, but there’s not much I can do about that for now. I also can’t access the /dev/pts directory needed to run screen. I don’t have any sense of why the local xterm is needed, if the winpdb ui is on a remote machine. Can I disable it somehow?

]]> By: admin http://winpdb.org/docs/security/comment-page-1/#comment-3561 admin Fri, 16 Nov 2007 19:27:04 +0000 http://winpdb.org/?page_id=14#comment-3561 The crypto package is optional. Winpdb will not force it unless you use the -e command line flag. When it is not present connections are password authenticated only. You can also use winpdb over ssh if you forward port 51000 (and 51001 if needed). The crypto package is optional. Winpdb will not force it unless you use the -e command line flag. When it is not present connections are password authenticated only.

You can also use winpdb over ssh if you forward port 51000 (and 51001 if needed).

]]> By: paul http://winpdb.org/docs/security/comment-page-1/#comment-3560 paul Fri, 16 Nov 2007 19:24:17 +0000 http://winpdb.org/?page_id=14#comment-3560 On further thought I suggest removing the crypto completely. Just listen on a loopback port and authenticate with a password. For remote debugging, get security by using ssh or stunnel port forwarding. On further thought I suggest removing the crypto completely. Just listen on a loopback port and authenticate with a password. For remote debugging, get security by using ssh or stunnel port forwarding.

]]> By: paul http://winpdb.org/docs/security/comment-page-1/#comment-3559 paul Fri, 16 Nov 2007 19:07:44 +0000 http://winpdb.org/?page_id=14#comment-3559 This package has too many external dependencies. My next thought after the xterm problem was to use the remote debugging feature to debug from my desktop machine which does have xterm. But now it wants the AMK crypto package. I guess I may have better luck installing that, so I'll give it a try. But it would be better if the package were self contained. Maybe instead of AMK crypto, it could use TLS Lite (www.trevp.com/tlslite) which is pure Python. If and when tlslite gets real x509 support, the debugger could authenticate the remote peer with a client certificate. Meanwhile, how about a mode that eliminates the crypto and instead listens on a local socket. Then I\\\\\\\'d use ssh port forwarding to debug securely from a remote machine. Also, this comment form is far too smart for its own good with javascript. I keep getting reload failures, the submit button being greyed out, etc. How about just using straightforward html. This package has too many external dependencies. My next thought after the xterm problem was to use the remote debugging feature to debug from my desktop machine which does have xterm. But now it wants the AMK crypto package. I guess I may have better luck installing that, so I’ll give it a try. But it would be better if the package were self contained. Maybe instead of AMK crypto, it could use TLS Lite (www.trevp.com/tlslite) which is pure Python. If and when tlslite gets real x509 support, the debugger could authenticate the remote peer with a client certificate.

Meanwhile, how about a mode that eliminates the crypto and instead listens on a local socket. Then I\\\\\\\’d use ssh port forwarding to debug securely from a remote machine.

Also, this comment form is far too smart for its own good with javascript. I keep getting reload failures, the submit button being greyed out, etc. How about just using straightforward html.

]]>