diff options
author | Guido van Rossum <guido@python.org> | 1997-07-19 21:13:53 (GMT) |
---|---|---|
committer | Guido van Rossum <guido@python.org> | 1997-07-19 21:13:53 (GMT) |
commit | eca991df27393c4ed4ea7b164b31aa631a2478ef (patch) | |
tree | 9614b907ead72cb1499f7ce114f19c443d9d4a56 | |
parent | d1bef00f667d0fe5edb2c609f8d89a3fd67f88fe (diff) | |
download | cpython-eca991df27393c4ed4ea7b164b31aa631a2478ef.zip cpython-eca991df27393c4ed4ea7b164b31aa631a2478ef.tar.gz cpython-eca991df27393c4ed4ea7b164b31aa631a2478ef.tar.bz2 |
Change security policy -- only accept requests from current host.
-rwxr-xr-x | Demo/pysvr/pysvr.py | 30 |
1 files changed, 9 insertions, 21 deletions
diff --git a/Demo/pysvr/pysvr.py b/Demo/pysvr/pysvr.py index 4488386..329909b 100755 --- a/Demo/pysvr/pysvr.py +++ b/Demo/pysvr/pysvr.py @@ -6,13 +6,15 @@ This is really a prototype for the same thing in C. Usage: pysvr.py [port] +For security reasons, it only accepts requests from the current host. +This can still be insecure, but restricts violations from people who +can log in on your machine. Use with caution! + """ import sys, os, string, getopt, thread, socket, traceback -OK_DOMAINS = [".cnri.reston.va.us", ".python.org"] - -PORT = 7585892 % 0xFFFF # == 49367 +PORT = 4000 # Default port def main(): try: @@ -43,6 +45,7 @@ def main_thread(port): sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.bind(("", port)) sock.listen(5) + print "Listening on port", port, "..." while 1: (conn, addr) = sock.accept() thread.start_new_thread(service_thread, (conn, addr)) @@ -50,26 +53,11 @@ def main_thread(port): def service_thread(conn, addr): (caddr, cport) = addr - try: - host, aliases, ipaddrs = socket.gethostbyaddr(caddr) - except socket.error: - print "Don't know hostname for", caddr - return - if '.' not in host: - for a in aliases: - if '.' in a: - host = a - break - else: - print "Only a local name (%s) for %s" % (host, caddr) - return - i = string.find(host, '.') - domain = string.lower(host[i:]) - if domain not in OK_DOMAINS: - print "Connection from", host, "not accepted" + if caddr != socket.gethostbyname(socket.gethostname()): + print "Connection from", caddr, "not accepted." return print "Thread %s has connection from %s.\n" % (str(thread.get_ident()), - host), + caddr), stdin = conn.makefile("r") stdout = conn.makefile("w", 0) run_interpreter(stdin, stdout) |