[Python-Dev] new ssl module is incompatible with servers that drop privileges
Bill Janssen
janssen at parc.com
Tue Sep 9 21:49:27 CEST 2008
> It accept them only as
> paths to their location on the file system, which I believe means that a
> server can only support SSL if it has read permission to its private key
> file when client connections arrive. This is a problem for servers that
> bind to their socket and drop privileges as soon as they start up, a
> practice that is both common and recommended in the unix world.
Ah, excellent point.
> IMHO, this severely limits the new ssl module's utility, and discourages
> good security practices.
Please file a bug report. A bug report with a patch and tests would
be even better :-). Assign it to me.
> Wouldn't it be better if we could specify keys and certificates as bytes
> or file-like objects? This would solve the security issue, give
> applications more flexibility in key management, and might also improve
> performance slightly (by avoiding file system operations at accept()
> time).
I like it!
Bill
More information about the Python-Dev
mailing list