Python as network protocol
Diez B. Roggisch
deets at nospam.web.de
Tue Nov 10 03:55:11 EST 2009
Cooch schrieb:
> Hi, guys!
>
> I want to implement such specific feature:
> I have a server written in Python. I have a client written in C++. I
> want to use Python as network protocol between them. I mean: client
> send to server such string: "a = MyObject()", so object of this type
> will appear in server. Any ideas how to simplify this implementation?
> I make XML-RPC/SOAP server using twisted which just execute sended
> string. But I don't know how to:
> 1. Restrict usage of some modules on client side (os, sys etc..)
> 2. Divide variables of different clients. Generally, I know that I
> should use "exec .. in .. " construct, but don't know how to
> distinguish between clients in twisted.
This is a *really* bad idea. Because there is no real way to restrict
execution in python, and thus you allow clients to inject arbitrary code
into your server. Including the notorious "os.system('rm -rf /')".
So - don't do that. Use e.g. CORBA if you need a richer, object-base
protocol than XMLRPC.
Diez
More information about the Python-list
mailing list