How to marshal a function?

François Pinard pinard at iro.umontreal.ca
Thu Nov 15 00:10:01 CET 2001


[Cliff Wells]

> The mechanism you are using (remote execution of python code) introduces a
> big security hole (in your current setup this may not be much of an issue
> for you, but think of the children!).

Why do you say that?  I remotely start the Python server using a shell,
and doing things through that server, rather than using the shell without
the server, is about the same to me, permission-wise.  As we do not gain
nor loose any permission, I do not see how we introduce a security hole.
Besides, I feel a bit safe as I channel these Python services through
`ssh', which provides enough user authentication for us, so I presume.

If merely using a shell is a big security hole, I'd rather unplug the machine
from the power outlet!  Some practical considerations apply, here! :-)

-- 
François Pinard   http://www.iro.umontreal.ca/~pinard





More information about the Python-list mailing list