[Twisted-Python] random security thoughts

Moshe Zadka twisted at moshez.org
Sun Dec 22 01:35:29 EST 2002


On Sat, 21 Dec 2002, "Harald Massa" <HaraldMassa at ghum.de> wrote:

> One idea I liked to discuss is:
> why not crypt the transmitted data via public / private keys?=20
> So sending bad objects from somewhere would be a very hard process.

Well, you have a server trusting the client. This is usually a no-no.
*Any* data you receive, no matter how well signed, should usually not
be trusted to not crash your application, unless that is the kind of
application you design (that is, a remote-control application).




More information about the Twisted-Python mailing list