EXTERNAL: OSError: [Errno 48] Address already in use
Grant Edwards
grant.b.edwards at gmail.com
Sat Jun 30 20:09:12 EDT 2018
On 2018-06-30, Gregory Ewing <greg.ewing at canterbury.ac.nz> wrote:
> Dan Stromberg wrote:
>> On Thu, Jun 28, 2018 at 10:30 PM, Marko Rauhamaa <marko at pacujo.net> wrote:
>>
>>>Well, the same security issue can be demonstrated without SO_REUSEADDR:
>>>
>>>The security issue can be real but is not directly related with
>>>SO_REUSEADDR.
>>
>> Yes, it can. It just takes longer.
>
> I don't see how the address-reuse timeout can be a security
> measure, because the process trying to take over the address
> can easily circumvent it by setting SO_REUSEADDR.
I've been thinking the same thing. One _might_ be able to argue
against the OS providing the SO_REUSEADDR option on security grounds.
But given that it _does_ exist, I don't see how using it can be
claimed to decrease security.
--
Grant
More information about the Python-list
mailing list