Richard Oudkerk added the comment: > If someone used regular sockets deliberately, they could crash > multiprocessing server code deliberately. Any chance of doing a real message > length check against the embedded message length check?
You can do message = conn.recv_bytes(maxlength) if you want a length check -- OSError will be raised if the message is too long. But Listener() and Client() are *not* replacements for the normal socket API and I would not really advise using them for communication over a network. They are mostly used internally by multiprocessing -- and then only with digest authentication. All processes in the same program inherit the same randomly generated authentication key -- current_process().authkey. If you create a listener by doing listener = Listener(address, authenticate=True) then other processes from the same program can connect by doing conn = Client(address, authenticate=True) Without knowing the correct authentication key it is not possible to connect and do a DOS like you describe. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue16920> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com