On Thu, 28 Jun 2018 23:27:38 +0300, Marko Rauhamaa wrote:
> Dan Stromberg <drsali...@gmail.com>:
>> On Wed, Jun 27, 2018 at 10:31 PM, Marko Rauhamaa <ma...@pacujo.net>
>> wrote:
>>> Dan Stromberg <drsali...@gmail.com>:
>>> >> > The problem can be solved by turning on the SO_REUSEADDR flag of
>>> >> > the socket.
>>> > BTW, it's a security feature you're turning off. If you're on a
>>> > multiuser box, it prevents a second user from stealing lingering
>>> > connections from a first user on the same port.
>>>
>>> Can you provide a brief proof of concept?
>>>
>> https://stackoverflow.com/questions/19960475/problems-related-to-so-
reuseaddr
>
> I'm sorry but I couldn't find a working example behind the link. Could
> you demonstrate the problem with a few lines of Python.
Do you think attackers are limited to a few lines of Python?
If you are asking from academic curiosity, limited by care factor ("I
care about this enough to read a few lines of Python but not 100 lines or
20 lines of C...") that's fair enough.
But if you're trying to express skepticism that this is a genuine
concern, then "a few lines of Python" is an unreasonable limitation.
--
Steven D'Aprano
"Ever since I learned about confirmation bias, I've been seeing
it everywhere." -- Jon Ronson
--
https://mail.python.org/mailman/listinfo/python-list
