Michele Orrù added the comment: Well, it is a security issue IMO, but not particularly harmful. But certainly that's not a RFC violation, since I'm not sending rfc-compliant packets.[0]
The best an attacker could do is to DDoS the server running HTTPServer: tracebacks may open file descriptors and/or send emails to the sysadmin, and hence the attacker could flood the server opening new file descriptors, or the email box.[0] At least, this is the worst thing that came to my mind discussing with exarkun. [0] https://twistedmatrix.com/trac/ticket/6029 ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue16083> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
