This isn't specific to ActivePython, so apologies in advance if this is
inappropriate list material. I'll make a general post to comp.lang.python
later. The modified pydoc.py file is at the URL below.

ka
---
From the readme.txt file...
http://www.semi-retired.com/python/pythonwin/

pydoc.py
This is a replacement for pydoc.py in Python21\lib. A simple
change to class DocServer prevents connections to the pydoc
server other than the localhost and/or additional IP addresses
you specify in the validIPList:
    self.validIPList = ['127.0.0.1']

The actual work is done by overriding the verify_request method.

        def verify_request(self, request, client_address):
            if client_address[0] in self.validIPList:
                return 1
            else:
                return 0

My main motivation for this change is that the pydoc server
doesn't log connection requests, so if another machine is
accessing yours via the pydoc server you wouldn't have a
record of it. More importantly, there may be security holes
in the current BaseHTTPServer class and it is better to be
safe than sorry.

If the machine you are running the pydoc server on is behind a
firewall, you may not need this extra layer of security.

If you are interested in a local firewall for your Windows machine,
I recommend ZoneAlarm by ZoneLabs: http://www.zonelabs.com/
ZoneAlarm is free for personal use. I am not affiliated with
ZoneLabs in any way. If you want a quick check of your machine's
vulnerability on standard ports (including NetBIOS ports), visit:
https://grc.com/x/ne.dll?bh0bkyd2
Note that this will not check the port pydoc is running on.
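
The same verify_request override on Python 3's http.server (the successor to BaseHTTPServer), as an added example that is not part of the original post or of pydoc. It also records refused peers, since the post notes the pydoc server keeps no connection log. The names AllowListHTTPServer, allowed, rejected and demo are assumptions made for this sketch, and the peer addresses are constructed.

```python
import http.server
import ipaddress
import logging

log = logging.getLogger("allowlist_httpd")


class AllowListHTTPServer(http.server.HTTPServer):
    """HTTPServer that drops connections from peers outside an allow-list."""

    def __init__(self, server_address, handler_class,
                 allowed=("127.0.0.1",), bind_and_activate=True):
        # Parse once so a typo in the list fails at start-up, not per request.
        self.allowed = {ipaddress.ip_address(a) for a in allowed}
        self.rejected = []  # (ip, port) of refused peers, kept for review
        super().__init__(server_address, handler_class, bind_and_activate)

    def verify_request(self, request, client_address):
        # socketserver calls this after accept() and before the handler runs;
        # returning False makes it close the socket without reading any bytes.
        peer = ipaddress.ip_address(client_address[0].split("%")[0])
        # A dual-stack listener reports IPv4 peers as ::ffff:a.b.c.d.
        if peer.version == 6 and peer.ipv4_mapped is not None:
            peer = peer.ipv4_mapped
        if peer in self.allowed:
            return True
        self.rejected.append(tuple(client_address[:2]))
        log.warning("refused connection from %s port %s", *client_address[:2])
        return False


def demo():
    # Constructed peers; 192.0.2.10 is from the documentation range (RFC 5737).
    peers = [("127.0.0.1", 50000),
             ("::ffff:127.0.0.1", 50001, 0, 0),
             ("192.0.2.10", 50002)]
    # bind_and_activate=False: exercise the check without opening a port.
    srv = AllowListHTTPServer(("127.0.0.1", 0),
                              http.server.BaseHTTPRequestHandler,
                              bind_and_activate=False)
    try:
        return [srv.verify_request(None, p) for p in peers], srv.rejected
    finally:
        srv.server_close()


if __name__ == "__main__":
    print(demo())
```

Binding the listener to 127.0.0.1 instead of all interfaces keeps remote peers from reaching the accept() call at all; the allow-list check is then a second layer.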
