This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author sbt
Recipients jbrearley, sbt
Date 2013-01-14.21:35:35
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1358199335.73.0.618102899908.issue16920@psf.upfronthosting.co.za>
In-reply-to
Content 
If you want to communicate between processes of the same progam, you are best off calling multiprocessing.Pipe() or multiprocessing.Queue() in the main process.  Queues or connections can then be inherited by the child processes.  Usually all communication is between the main process and its children: sibling-to-sibling communication is rare.

> I am trying to understand your reservations about using them for
> communication over a network

Since Connection.recv() automatically unpickles the data it receives it is effected by the issue discussed here

    http://nadiana.com/python-pickle-insecure

Basically, unpickling malicious data can trigger *any* command it wants using the shell.  So you *must* use recv_bytes()/send_bytes() when dealing with unauthenticated connections.

Over a network you *could* use authentication.  But securely sharing the authentication key between all the hosts is far from straight forward.
History
Date User Action Args
2013-01-14 21:35:35sbtsetrecipients: + sbt, jbrearley
2013-01-14 21:35:35sbtsetmessageid: <1358199335.73.0.618102899908.issue16920@psf.upfronthosting.co.za>
2013-01-14 21:35:35sbtlinkissue16920 messages
2013-01-14 21:35:35sbtcreate