Thank you, and I'm not planning on executing any data I receive from anybody. So I should be pretty safe...
On Sun, Oct 16, 2011 at 10:48 AM, Hugo Arts <[email protected]> wrote: > On Sun, Oct 16, 2011 at 4:20 PM, bob gailer <[email protected]> wrote: > > On 10/16/2011 8:28 AM, Jacob Bender wrote: > >> > >> Dear Tutors, > >> > >> I've been having an issue with socket. I wanted to use it for > >> transmitting strings over the Internet. > > > > That's good, because strings is all you can transmit. > > > >> The problem is that my friend insists that allowing python to transmit > and > >> receive information via an Internet port is a bad idea. He claimed that > I > >> could(and probably would) receive information that wouldn't necessarily > do > >> my computer any good(in a nutshell). > > > > I am not the expert on this issue. My view: > > > > once you establish a socket connection then you wait to receive data. All > > the socket software (Python or other) does is receive a string. What you > do > > with it is up to you. If you apply eval or exec to it than anything could > > happen. No one can IMHO cause any action via socket. > > > > vulnerabilities in the lower level stack notwithstanding, of course. > But in essence, using sockets in python is not any more dangerous than > using sockets in any other language. You have to watch what you're > doing and be careful with the data you receive, but as long as you do > that you shouldn't be in any danger. > > Hugo >
_______________________________________________ Tutor maillist - [email protected] To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
