Re: [Python-Dev] Set close-on-exec flag by default in SocketServer

2013-01-10 Thread Charles-François Natali
> The SocketServer class creates a socket to listen on clients, and a new socket per client (only for stream server like TCPServer, not for UDPServer).
>
> Until recently (2011-05-24, issue #5715), the listening socket was not closed after fork for the ForkingMixIn flavor. This caused two iss

Re: [Python-Dev] Set close-on-exec flag by default in SocketServer

2013-01-09 Thread Victor Stinner
2013/1/10 Victor Stinner:
> A better API is maybe to add a "cloexec" argument to open(), ...

I realized that setting close-on-exec flag is a non trivial problem. There are many ways to set it depending on the function, on the OS, and on the OS version. There is also the difficult question of the

Re: [Python-Dev] Set close-on-exec flag by default in SocketServer

2013-01-09 Thread Victor Stinner
2013/1/9 Charles-François Natali:
>> My question is: would you accept to break backward compatibility (in Python 3.4) to fix a potential security vulnerability?
>
> Although obvious, the security implications are not restricted to sockets (yes, it's a contrived example):
> ...
> f = open("/tm

Re: [Python-Dev] Set close-on-exec flag by default in SocketServer

2013-01-09 Thread Charles-François Natali
> My question is: would you accept to break backward compatibility (in Python 3.4) to fix a potential security vulnerability?

Although obvious, the security implications are not restricted to sockets (yes, it's a contrived example):

"""
# cat test_inherit.py
import fcntl
import os
import pwd
imp

Re: [Python-Dev] Set close-on-exec flag by default in SocketServer

2013-01-09 Thread Senthil Kumaran
On Wed, Jan 9, 2013 at 4:48 AM, Victor Stinner wrote:
> My question is: would you accept to break backward compatibility (in Python 3.4) to fix a potential security vulnerability?
>
> If not, an alternative is to add an option, disabled by default, to enable (or disable) explicitly close-on-ex

[Python-Dev] Set close-on-exec flag by default in SocketServer

2013-01-09 Thread Victor Stinner
Hi,

The SocketServer class creates a socket to listen on clients, and a new socket per client (only for stream server like TCPServer, not for UDPServer).

Until recently (2011-05-24, issue #5715), the listening socket was not closed after fork for the ForkingMixIn flavor. This caused two issues: i