[Twisted-Python] pb.Copyable, round trip objects, and untrusted clients

Christopher Armstrong radix at twistedmatrix.com
Fri May 21 01:12:27 EDT 2004


Glyph Lefkowitz wrote:
> On Thu, 2004-05-20 at 23:46, David Ripton wrote:
> 
> 
>>The security issues in Copyable / Cacheable should knock me off this 
>>particular fence for long enough to have enough code written that I'm
>>unwilling to climb back up.
> 
> 
> Keep in mind that you still might get an unexpected object (a dict where
> you expect a list) and if you're tossing around large amounts of state
> that's potentially a problem.  The security issues are not with Copyable
> or Cacheable in particular.

Just so it's clear, this is what I was trying to say as one of the 
points in my last message, near the end, but I might not have said it in 
quite a politic or coherent way :)


-- 
  Twisted | Christopher Armstrong: International Man of Twistery
   Radix  |          Release Manager,  Twisted Project
---------+           http://radix.twistedmatrix.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://twistedmatrix.com/pipermail/twisted-python/attachments/20040521/3d43acf2/attachment.pgp 


More information about the Twisted-Python mailing list