Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #50677
| Path | csiph.com!usenet.pasdenom.info!news.albasani.net!newsfeed.freenet.ag!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <python-python-list@m.gmane.org> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.016 |
| X-Spam-Evidence | '*H*': 0.97; '*S*': 0.00; 'open-source': 0.04; 'pop': 0.05; 'subject:Python': 0.06; 'json': 0.07; 'received:80.91': 0.09; 'received:80.91.229': 0.09; 'received:gmane.org': 0.09; 'received:list': 0.09; 'vast': 0.09; 'python': 0.11; 'bit.': 0.16; 'dictionaries': 0.16; 'json,': 0.16; 'received:80.91.229.3': 0.16; 'received:plane.gmane.org': 0.16; 'side.': 0.16; 'subject:object': 0.16; 'subject:security': 0.16; 'well-known': 0.16; 'wrote:': 0.18; 'trying': 0.19; 'header:User-Agent:1': 0.23; 'mon,': 0.24; '15,': 0.26; 'possibly': 0.26; 'header:X-Complaints-To:1': 0.27; 'header:In-Reply-To:1': 0.27; 'chris': 0.29; 'am,': 0.29; 'room': 0.29; 'strongly': 0.30; 'then.': 0.30; 'code': 0.31; 'bugs': 0.33; "i'd": 0.34; 'but': 0.35; 'version': 0.36; 'library.': 0.36; 'module.': 0.36; 'area': 0.37; 'system,': 0.38; 'to:addr:python- list': 0.38; 'pm,': 0.38; 'little': 0.38; 'structure': 0.39; 'to:addr:python.org': 0.39; 'received:org': 0.40; 'new': 0.61; 'numbers': 0.61; 'simple': 0.61; 'myself': 0.63; 'needs,': 0.65; 'spot': 0.65; 'between': 0.67; 'secure': 0.71; 'jul': 0.74; 'eyes': 0.78; 'transfer': 0.82; '08:30': 0.84; 'compact,': 0.84; 'presumably': 0.84; 'safer': 0.84; 'yourself...': 0.84; 'grey': 0.93; '2013': 0.98 |
| X-Injected-Via-Gmane | http://gmane.org/ |
| To | python-list@python.org |
| From | Dave Angel <davea@davea.name> |
| Subject | Re: Python - remote object protocols and security |
| Date | Mon, 15 Jul 2013 08:45:48 -0400 |
| References | <ks0loh$hp4$1@ger.gmane.org> <142271145.8401649.1373891187398.JavaMail.root@sequans.com> <CAPTjJmp-XwmAvkkqgqJVbdD8v2kxDfAMuhO0WCXQjk9BqhHz1Q@mail.gmail.com> |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=ISO-8859-1; format=flowed |
| Content-Transfer-Encoding | 7bit |
| X-Gmane-NNTP-Posting-Host | 174.32.174.34 |
| User-Agent | Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130623 Thunderbird/17.0.7 |
| In-Reply-To | <CAPTjJmp-XwmAvkkqgqJVbdD8v2kxDfAMuhO0WCXQjk9BqhHz1Q@mail.gmail.com> |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.15 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list/> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.4719.1373892366.3114.python-list@python.org> (permalink) |
| Lines | 38 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1373892366 news.xs4all.nl 15926 [2001:888:2000:d::a6]:38521 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:50677 |
Show key headers only | View raw
On 07/15/2013 08:30 AM, Chris Angelico wrote:
> On Mon, Jul 15, 2013 at 10:26 PM, Jean-Michel Pichavant
> <jeanmichel@sequans.com> wrote:
>> Basically, I need to transfer numbers (int). Possibly dictionaries like {string: int} in order to structure things a little bit.
>
> I strongly recommend JSON, then. It's a well-known system, it's
> compact, it's secure, and Python comes with a json module.
>
And presumably has been tested against injection attacks (implied by
your use of 'secure.')
JM: That's the flip side. If you CAN find some open-source that
exactly meets your needs, it presumably has had lots of eyes on it to
spot the little bugs that are likely to pop up in any new implementation.
There's a vast grey area between
1) so simple it's safer to do it myself
and
2) so complex the open-source version must have bugs, so I'd better do
it myself.
in between, you use the open-source code or library.
But this is why I always start by trying to narrow the choice of what
you *need*.
...the only secure system is one physically contained in a room with a
padlock, and with a guard. And only if the guard is yourself...
--
DaveA
Back to comp.lang.python | Previous | Next | Find similar | Unroll thread
Re: Python - remote object protocols and security Dave Angel <davea@davea.name> - 2013-07-15 08:45 -0400
csiph-web