Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #27224

Re: remote read eval print loop

From Alister <alister.ware@ntlworld.com>
Subject Re: remote read eval print loop
Newsgroups comp.lang.python
References <CAAoZyYMEraa_OTyxui484-bdx96Jvd9LTmbb5Qw2EfQXd_wkfQ@mail.gmail.com> <mailman.3400.1345157033.4697.python-list@python.org> <502dac1e$0$29978$c3e8da3$5496439d@news.astraweb.com>
Message-ID <CFlXr.960569$gC5.87844@fx10.am4> (permalink)
Organization virginmedia.com
Date 2012-08-17 06:38 +0000

Show all headers | View raw

On Fri, 17 Aug 2012 02:27:42 +0000, Steven D'Aprano wrote:

> On Fri, 17 Aug 2012 08:43:50 +1000, Chris Angelico wrote:
> 
>> On Fri, Aug 17, 2012 at 6:54 AM, Eric Frederich
>> <eric.frederich@gmail.com> wrote:
>>> Hello,
>>>
>>> I have a bunch of Python bindings for a 3rd party software running on
>>> the server side.
>>> I can add client side extensions that communicate over some http / xml
>>> type requests.
>>> So I can define functions that take a string and return a string. I
>>> would like to get a simple read eval print loop working.
>> 
>> Let's stop *right there*. You're looking for something that will run on
>> your server, take strings of text from a remote computer, and eval
>> them.
>> 
>> Please, please, please, on behalf of every systems administrator in the
>> world I beg you, please do not do this.
>> 
>> Instead, define your own high-level protocol
> 
> Stop right there!
> 
> There is already awesome protocols for running Python code remotely over
> a network. Please do not re-invent the wheel without good reason.
> 
> See pyro, twisted, rpyc, rpclib, jpc, and probably many others.

I think you missed the main point of the previous post which was.

Do NOT blindly eval data sent from a remote computer as is cannot be 
trusted. This of course is assuming they are not on a secure connection, 
but even then it is good practice as not all attacks come from outside.

although i have to agree with you about not re-inventing wheels, they 
invariably come out square :-)



-- 
<Kensey> RMS for President???
<RelDrgn> ...or ESR, he wants a new job ;)

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Re: remote read eval print loop Chris Angelico <rosuav@gmail.com> - 2012-08-17 08:43 +1000
  Re: remote read eval print loop Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2012-08-17 02:27 +0000
    Re: remote read eval print loop Alister <alister.ware@ntlworld.com> - 2012-08-17 06:38 +0000
    Re: remote read eval print loop Chris Angelico <rosuav@gmail.com> - 2012-08-17 17:25 +1000
      Re: remote read eval print loop rusi <rustompmody@gmail.com> - 2012-08-17 04:09 -0700
        Re: remote read eval print loop Chris Angelico <rosuav@gmail.com> - 2012-08-18 00:06 +1000

csiph-web