Senthil Kumaran <orsent...@gmail.com> added the comment: As the pydoc server "advertises" that it is running from localhost in both CLI and GUI, it is best to bind the socket to 'localhost' instead of '' (which would bind it to all the interfaces).
So, a simple fix for this issue, which will remove the security concern: host = 'localhost' - self.address = ('', port) + self.address = (host, port) If is to be run from user-defined interface with a new --host <interface> option, that it can be dealt with as new feature request. This issue can be considered fixed with commits r84173 and r84174. ---------- nosy: +orsenthil resolution: -> fixed stage: unit test needed -> committed/rejected status: open -> closed _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue672656> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com