Building a new app in python and need some architecture advice.

[Eddie Corns]

Sam Watson <Sam watson at yahoo.com> writes:

>Hi, I could use a little help with a project i'm going to build.  I
>know I want to use python and wxWindows but thats about all I know.
>The client will be linux or windows.  The server will be linux.

>Basically, its a client/server app with a rich GUI client.

>The big catch is I want to be able to run the client/server remotely
>across the web in a secure fashion.  I sort of want to stay away from
>a web server based solutions because they seem to be attacked the most
>and frankly im not dealing with rocket scientists on the other end.
>They certainly arent up to the task of keeping a web server locked
>down.  Honeslty, i'm not sure I even am.  I'm a big fan of security
>through obscurity.

Since web browsers are so familiar to everyone it's still worth considering
(assuming it can hack your 'rich' GUI client needs).  I've written a couple of
data entry web apps now based on BaseHTTPServer, one with state one without.
There is no CGI, no external code getting invoked.  If there are other web
apps on the same device you do need to use a port other than 80 (but that fits
your like of obscurity :).  Since only your code is invoked then as long as
you don't do something silly like treat user input as a raw filename then it's
pretty damn secure.  If you want to secure the app itself from snooping
etc. then you might be able to use SSL on top of that (not sure, it's on my
list of things to find out about).  It's simple enough that you can get useful
apps together quite quickly.  For evidence of larger apps doing similar
things, I believe roundup, which is a good system, works in the same way (but
is obviously a lot bigger).

I was going to put together a recipe outlining how to create a simple app
using BaseHTTPServer but like all good intentions...  Maybe when I get round
to figuring out how to add SSL!

Eddie