[Tutor] Socket and Ports
Jacob Bender
benderjacob44 at gmail.com
Sun Oct 16 21:00:04 CEST 2011
Thank you, and I'm not planning on executing any data I receive from
anybody. So I should be pretty safe...
On Sun, Oct 16, 2011 at 10:48 AM, Hugo Arts <hugo.yoshi at gmail.com> wrote:
> On Sun, Oct 16, 2011 at 4:20 PM, bob gailer <bgailer at gmail.com> wrote:
> > On 10/16/2011 8:28 AM, Jacob Bender wrote:
> >>
> >> Dear Tutors,
> >>
> >> I've been having an issue with socket. I wanted to use it for
> >> transmitting strings over the Internet.
> >
> > That's good, because strings is all you can transmit.
> >
> >> The problem is that my friend insists that allowing python to transmit
> and
> >> receive information via an Internet port is a bad idea. He claimed that
> I
> >> could(and probably would) receive information that wouldn't necessarily
> do
> >> my computer any good(in a nutshell).
> >
> > I am not the expert on this issue. My view:
> >
> > once you establish a socket connection then you wait to receive data. All
> > the socket software (Python or other) does is receive a string. What you
> do
> > with it is up to you. If you apply eval or exec to it than anything could
> > happen. No one can IMHO cause any action via socket.
> >
>
> vulnerabilities in the lower level stack notwithstanding, of course.
> But in essence, using sockets in python is not any more dangerous than
> using sockets in any other language. You have to watch what you're
> doing and be careful with the data you receive, but as long as you do
> that you shouldn't be in any danger.
>
> Hugo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/tutor/attachments/20111016/a2d911bb/attachment.html>
More information about the Tutor
mailing list