How to marshal a function?

Cliff Wells logiplexsoftware at earthlink.net
Thu Nov 15 01:37:57 CET 2001


On Wednesday 14 November 2001 15:10, François Pinard wrote:
> [Cliff Wells]
>
> > The mechanism you are using (remote execution of python code) introduces
> > a big security hole (in your current setup this may not be much of an
> > issue for you, but think of the children!).
>
> Why do you say that?  I remotely start the Python server using a shell,
> and doing things through that server, rather than using the shell without
> the server, is about the same to me, permission-wise.  As we do not gain
> nor loose any permission, I do not see how we introduce a security hole.
> Besides, I feel a bit safe as I channel these Python services through
> `ssh', which provides enough user authentication for us, so I presume.

Well, that's a different story altogether =)  If you weren't using ssh, it 
would be a huge security hole.

> If merely using a shell is a big security hole, I'd rather unplug the
> machine from the power outlet!  Some practical considerations apply, here!
> :-)

It wasn't the shell, it was your server that I was questioning. 

-- 
Cliff Wells
Software Engineer
Logiplex Corporation (www.logiplex.net)
(503) 978-6726 x308
(800) 735-0555 x308




More information about the Python-list mailing list