Best technology for agent/web server architecture
Gabriel Genellina
gagsl-py2 at yahoo.com.ar
Mon May 12 02:18:02 EDT 2008
> 2008/5/8 M.-A. Lemburg <mal at egenix.com>:
>
>> SOAP would be a good choice if you want to send to data to other
>> servers as well, e.g. Java-based ones.
>>
>> XML-RPC and JSON are better for simple data structures.
>>
>> If you have control over both client and server and don't
>> need to bother with other backends or frontends, Python
>> pickle is the best choice.
En Fri, 09 May 2008 05:41:07 -0300, Florencio Cano <florencio.cano at gmail.com> escribió:
> I have control over agent and client but I'm not sure how to use
> pickle for this task. Do you suggest to pickle the objects that I want
> to send and send it over a usual socket? I have searched a bit in
> Google and I have seen that Pickle is insecure by default. What do you
> think about this?
"insecure" means that someone could build a specially crafted pickle able to run arbitrary code on the unpickling environment. One way to avoid that is to only accept pickles from trusted sources: using SSL by example.
--
Gabriel Genellina
More information about the Python-list
mailing list