> If its documented that the timeout is an order-of-magnitude thing that > is susceptible to DoS attacks, then I guess not. I would think that anything that doesn't specifically document it's safe against DoS attacks should be considered susceptible to them. I see no need to document this. --Guido van Rossum (home page: http://www.python.org/~guido/)