Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #50677 > unrolled thread

Re: Python - remote object protocols and security

Back to article view | Back to comp.lang.python

This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by below is the oldest one visible, not the original post.

Contents

  Re: Python - remote object protocols and security Dave Angel <davea@davea.name> - 2013-07-15 08:45 -0400

#50677 — Re: Python - remote object protocols and security

On 07/15/2013 08:30 AM, Chris Angelico wrote:
> On Mon, Jul 15, 2013 at 10:26 PM, Jean-Michel Pichavant
> <jeanmichel@sequans.com> wrote:
>> Basically, I need to transfer numbers (int). Possibly dictionaries like {string: int} in order to structure things a little bit.
>
> I strongly recommend JSON, then. It's a well-known system, it's
> compact, it's secure, and Python comes with a json module.
>

And presumably has been tested against injection attacks (implied by 
your use of 'secure.')

JM:  That's the flip side.  If you CAN find some open-source that 
exactly meets your needs, it presumably has had lots of eyes on it to 
spot the little bugs that are likely to pop up in any new implementation.

There's a vast grey area between

1) so simple it's safer to do it myself

and

2) so complex the open-source version must have bugs, so I'd better do 
it myself.

in between, you use the open-source code or library.

But this is why I always start by trying to narrow the choice of what 
you *need*.


...the only secure system is one physically contained in a room with a 
padlock, and with a guard.  And only if the guard is yourself...


-- 
DaveA

[toc] | [standalone]

Back to top | Article view | comp.lang.python

csiph-web