Distributing user-developed Linux software and licensing issues.
John Summerfied
debian at herakles.homelinux.org
Sat Jan 21 03:41:44 UTC 2006
Kirk Black wrote:
>
> 3. Aside from server security, there is the matter of account password
> security. How can I fathom giving away the full source code and thus giving
> anyone the ability to network snoop and easily grab customer
> account/password data? This account password data not only gains access to
> playing the game but also gains access to customer billing information which
> then becomes a huge issue.
This is folly. Don't confuse the notion of authentication with recording
of entitlements and payments made.
Your open-to-the web should obtain player credentials, and then connect
with an internal server to confirm those credentials. If you charge by
the minute of play, then the response might include "Authorised for 50
minutes." All your game server needs to know is some kind of
identification (players nick) and for how long.
Watch for duplicate logins, toss the old one: the legitimate owner is
likely to complain and you can sort things out.
Billing can be done safely with OSS: I believe these websites use OSS,
but I forget which:
http://www.stormcomputers.com.au/
http://www.techtopia.com.au/
RH used to ship something called interchange: I think it's changed its
name and that is what those sites use.
Cheers
John
-- spambait
1aaaaaaa at computerdatasafe.com.au Z1aaaaaaa at computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
do not reply off-list
More information about the fedora-list
mailing list