Richard Oudkerk added the comment:
If you want to communicate between processes of the same progam, you are best
off calling multiprocessing.Pipe() or multiprocessing.Queue() in the main
process. Queues or connections can then be inherited by the child processes.
Usually all communication is between the main process and its children:
sibling-to-sibling communication is rare.
> I am trying to understand your reservations about using them for
> communication over a network
Since Connection.recv() automatically unpickles the data it receives it is
effected by the issue discussed here
http://nadiana.com/python-pickle-insecure
Basically, unpickling malicious data can trigger *any* command it wants using
the shell. So you *must* use recv_bytes()/send_bytes() when dealing with
unauthenticated connections.
Over a network you *could* use authentication. But securely sharing the
authentication key between all the hosts is far from straight forward.
----------
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue16920>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
