[Tilesathome] Batik, and batik-agent

Wed Aug 27 19:00:53 BST 2008

On Wed, Aug 27, 2008 at 07:36:23PM +0200, Jiri Klement wrote:
> > 1) tilesGen currently has three ways of running Batik: through a
> > wrapper, directly running the jar in java and the agent. I'm thinking
> > about doing autodetection on which method to use, is there any reason
> > why that would be a bad idea somehow?
> 
> Batik in wrapper/jar mode and batik in agent mode are independent.
> It's possible both method will work and users might want to decide
> which method use.

Yeah, ok, I'll make those two separateable then, but with fallback to
something else if the main choice isn't available.

> > 2) Batik agent seems to do some logging to the STDOUT or ERR of the
> > agent server, and some to the file specified with log= on the inet
> > socket. I'd really like to avoid creating logfiles at the place in the
> > program I want to put this, would it be possible for it to dump that
> > output to the network socket instead?
> 
> It should be safe to ignore logging to stdout/stderr, all important
> stuff should get into log file. Data are written to log file only when
> rendering fails, so I can instead of writing log file send error
> description with agent response back to client.

That would be great.

> > 3) The network socket listens openly to everywhere and doesn't do any
> > authentication or anything at all, which means anybody that's able to
> > reach a machine running the agent over tcp/ip can make it use loads of
> > resources, and even overwrite any files the user running the agent has
> > write access to.
> >
> > At the very least only listen to the local interface, and you really
> > need some way to authenticate the user that's connected as well. I
> > know it's possible on *nix, and for example postgres uses it for
> > authentication, doing something sensible in java that will also work
> > on windows is not something I know how to do.
> 
> Is it enough to authenticate using osm username/password? It is
> probably easy to steal because its sent as plaintext to t at h server,
> but at least some protection.
> Also I can change agent to send rendered png over network, so at least
> attacker won't be able to overwrite any files.

If you authenticate the user and only listen to the loopback interface
I think it would be secure enough.

It's not like tiles at home is bulletproof, if anybody told me they ran
it on a critical server I'd scream at them to run off and stop it,
anyway ;)

Sending both the log and the png back over the network will require a
bit of protocol and stuff, I'd rather avoid that in favor of a simple
thing like $log\n\nSTATUS or something.

> > 4) I had some problems getting the agent to work at all, does it
> > require the area= parameter or something? That really should be
> > optional unless you don't care about using it for anything other than
> > t at h.
> I didn't intend to use batik agent in anything else than t at h. But
> there is no reason while area and other parameters have to be
> mandatory so I will change that.

Cool, thanks. I'm making SVG::Rasterizer very generic and plan to
eventually put it on CPAN, would be cool if batik-agent was robust
enough to tag along... (If you're not opposed to it of course, what's
the license anyway?)

-- 
Knut Arne Bjørndal
aka Bob Kåre
bob+osm at cakebox.net
bobkare at irc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4167 bytes
Desc: not available
URL: <http://lists.openstreetmap.org/pipermail/tilesathome/attachments/20080827/7adebf41/attachment.bin>