Message114269
As the pydoc server "advertises" that it is running from localhost in both CLI and GUI, it is best to bind the socket to 'localhost' instead of '' (which would bind it to all the interfaces).
So, a simple fix for this issue, which will remove the security concern:
host = 'localhost'
- self.address = ('', port)
+ self.address = (host, port)
If is to be run from user-defined interface with a new --host <interface> option, that it can be dealt with as new feature request.
This issue can be considered fixed with commits r84173 and r84174. |
|
Date |
User |
Action |
Args |
2010-08-18 19:37:00 | orsenthil | set | recipients:
+ orsenthil, ping, kasplat, pboddie, aptshansen, BreamoreBoy |
2010-08-18 19:37:00 | orsenthil | set | messageid: <1282160220.03.0.38020754608.issue672656@psf.upfronthosting.co.za> |
2010-08-18 19:36:58 | orsenthil | link | issue672656 messages |
2010-08-18 19:36:57 | orsenthil | create | |
|