Python - remote object protocols and security

Jean-Michel Pichavant jeanmichel at sequans.com
Mon Jul 15 19:31:17 CEST 2013


----- Original Message -----
> On 15-7-2013 13:17, Dave Angel wrote:
> > On 07/15/2013 06:20 AM, Jean-Michel Pichavant wrote:
> >> In text format... sorry for my previous html post
> >>
> >> Hello everyone,
> >>
> >> I'd like to exchange some simple python objects over the internet.
> >> I initially planned to use Pyro, after reading
> >> http://pythonhosted.org/Pyro4/security.html I'm still puzzled.
> 
> Hi, Pyro's author here.
> I agree that this chapter of the manual can use some cleanup.
> Is there anything in particular that you are puzzled about at this
> time?

Nothing wrong with the manual, just my poor knowledge of security issues.

> >>
> >> I don't mind encrypting data, if someone wants to sniff what I'm
> >> sending, he's welcome.
> >>
> 
> I don't quite understand what you're saying in this sentence: is it
> okay if someone
> eavesdrops on your unencrypted data stream?

It's okay is someone eavesdrops, my English is as bad as my net code.

> Pyro since version 4.20 uses a serialization format that is safe
> against arbitrary code
> 
> 
> Cheers
> Irmen de Jong

Thanks for the clarifications (and writing Pyro), I'll make sure I'll be using 4.20+.

JM


-- IMPORTANT NOTICE: 

The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


More information about the Python-list mailing list