Re: [google-appengine] Re: How to secure the SDK

2012-03-14 Thread Aidan O'Kelly 
Still should be a network security concern, ie, setup a secure vpn, or
allow limited access to a range of IP's through your firewall.
The java version of the SDK at least, has a -bindAddress option. Binding to
127.0.0.1 will mean the server will only listen for requests from your
machine. (It set itself up like this by default for me)

Anyway, if you run any kind of developer sdk server and allow access to the
outside world you are asking for trouble, since they are never written with
the intention of being a secure production server.

On Wed, Mar 14, 2012 at 9:48 AM, Kaan Soral  wrote:

> Why? - because sometimes you have to work with external systems and they
> have to work with you - even on the development level
>
>
> On Wednesday, March 14, 2012 10:42:59 AM UTC+2, Simon Knott wrote:
>>
>> Why would your SDK be available to the outside world?  It's a development
>> tool, no different to any development environments - lock it down via the
>> network infrastructure, as you would any other development environment.  If
>> you have production data in your dev environment and it contains sensitive
>> data, then take the normal steps to sanitise it.
>>
>> On Tuesday, 13 March 2012 20:50:01 UTC, Kaan Soral wrote:
>>>
>>> If the SDK is accessible to the outer world, it poses a HUGE security
>>> risk
>>>
>>> One can simply write a script for "Interactive 
>>> Console"
>>> and steal all your code/data
>>>
>>> To prevent this - one may restrict access to Development Console and
>>> permit only 127.0.0.1, this can be easily done by modifying the Handlers of
>>> the Development Console
>>>
>>> Can you guys think of any other security holes?
>>>
>>> I've been meaning to ask this for a long time, but at the same time I
>>> didn't want to attract anyone to exploit these risks - but here it is anyway
>>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Google App Engine" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/google-appengine/-/kW20c_wtRsMJ.
>
> To post to this group, send email to google-appengine@googlegroups.com.
> To unsubscribe from this group, send email to
> google-appengine+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/google-appengine?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com.
To unsubscribe from this group, send email to 
google-appengine+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/google-appengine?hl=en.

Re: [google-appengine] issue with objectify

2011-11-10 Thread Aidan O'Kelly 
DefferedTask's are serialized, so the field 'Objectify objectify' is
causing the error.


On Thu, Nov 10, 2011 at 8:12 PM, Deepak Singh wrote:

> public class DBMailTask implements DeferredTask {
>  Objectify objectify = ObjectifyService.begin();
>  String subject = null;
> String body = null;
>  String receipents = null;
> List list = null;
>  public void paramValues (final String subjectt, final String bodyy,
> final String receipentss, final List listt) {
> this.subject = subjectt;
>  this.body = bodyy;
> this.receipents = receipentss;
> this.list = listt;
>  System.out.println("CommonRpcServiceImpl.DBMailTask.paramValues() values
> set");
> }
> @Override
> public void run() {
>  if(object instanceof UserSubscribed) {
>  UserSubscribed user = (UserSubscribed) object;
> objectify.put(user);
> }
>  if(object instanceof UserTravelExpComment) {
> UserTravelExpComment user = (UserTravelExpComment) object;
>  objectify.put(user);
> }
> if(object instanceof ContactUs) {
>  ContactUs user = (ContactUs) object;
> objectify.put(user);
> }
> }
> }
>
> }
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com.
To unsubscribe from this group, send email to 
google-appengine+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/google-appengine?hl=en.

Re: [google-appengine] Re: Application unreachable (by some users) by Google Apps domain name set with CNAME to ghs.google.com

2011-09-30 Thread Aidan O'Kelly 
Are all the affected users/locations using one ISP. ? I would try and
isolate where the DNS is failing, its probably one DNS server that all
of these locations use, and its having trouble for whatever reason.
Asking your users to use google's dns may be your only option. (or
possibly you could send them a HOSTS file with the relevant
ip/hostnames)


On Fri, Sep 30, 2011 at 3:41 PM, Gwyn Howell  wrote:
> hmm, some kind of network/dns caching going on in those remote locations?
> proxy servers?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Google App Engine" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/google-appengine/-/VQ8TgYidl_gJ.
> To post to this group, send email to google-appengine@googlegroups.com.
> To unsubscribe from this group, send email to
> google-appengine+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/google-appengine?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com.
To unsubscribe from this group, send email to 
google-appengine+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/google-appengine?hl=en.