Securing PyDoc and CGIHTTPserver

Shane Hathaway shane at zope.com
Fri Jul 11 19:05:56 CEST 2003


Irmen de Jong wrote:
> Shane Hathaway wrote:
> 
>> What about binding only to the local (loopback) interface?  That way, 
>> the system won't even listen for external connections.  It's like a 
>> built-in firewall.
>>
>> The change is a one-liner.  The DocServer computes the hostname for 
>> the loopback interface but then binds to all interfaces.  So change 
>> this line:
>>
>>   self.address = ('', port)
>>
>> to:
>>
>>   self.address = (host, port)
>>
> 
> I think Shane meant:
> 
>     self.address = ('localhost',port)

No, actually the 'host' variable is computed on the line before it. :-) 
  It's either "127.0.0.1" or "localhost", depending on the platform. 
"localhost" is preferable for readability, but "127.0.0.1" is more reliable.

Shane






More information about the Python-list mailing list