
Re: Pickling over a socket

Date 2011-04-20 11:41 +0200
From Bastian Ballmann <balle@chaostal.de>
Subject Re: Pickling over a socket
References (6 earlier) <BANLkTiksqp-RMyJj8UcbquiYxHZJqeSj-w@mail.gmail.com> <20110420093419.4b83fe4b@chaostal.de> <BANLkTim59M9ti6Dq+4=UCZxg_ZiXGX=LUA@mail.gmail.com> <20110420111723.2daf2437@chaostal.de> <BANLkTinCh8+rQMQaCKaDd4RZx3j26Y8v7g@mail.gmail.com>
Newsgroups comp.lang.python
Message-ID <mailman.632.1303292503.9059.python-list@python.org> (permalink)


On Wed, 20 Apr 2011 19:26:44 +1000,
Chris Angelico <rosuav@gmail.com> wrote:

> Yes, but the other half of the issue is that you have to treat
> anything that comes over the network as "user input", even if you
> think it's from your own program that you control.

Sure.

 
> Buffer overruns can happen in all sorts of places; SQL injection can
> only happen where you talk to the database. And it IS just a matter of
> using a magic auto-escape function, if your library is set up right -

No. Not all data is strings.


> Not at all; just never *trust* user input. Where thou typest foo,
> someone someday will type...

I never *trust* the user *blindly* as you do with your
magic-escape-function, so where do we disagree?

Greets

Basti
