[Twisted-Python] Potential PB Security Problem (And Solution)
Itamar Shtull-Trauring
itamar at zoteca.com
Sun Feb 17 02:27:31 EST 2002
OK,
My first thoughts - I think that this is a good idea. The problem with
pretending to be a regular method call is that, well, it isn't. You may
get disconnected, for example. So we want to encourage people to realize
thjat they can't just use the same code. Of course, this'll make
web.distrib rather more difficult to implement nicely...
However, if we're unto security, some form of static typing on
arguments passed from remote clients to Referenceables methods would
be very useful, some would say necessary, for
secure programming. This would aid documentation as well. Switching to
callRemote still doesn't solve the "passing the wrong objects
maliciously" issue, just one very specialized instance of it. And I ain't
suggesting IDL - I'm sure we could come up with a solution embedded in
python source code that is easy to type (say, using oscar-style
docstrings or some ther form of annotation, and a
enforceInterface(klass) function that parses them and
uses t.p.hook).
More information about the Twisted-Python
mailing list