[Alan Kennedy]
>> Instead, I think the right approach is to continue with the existing
>> approach: put the most basic possible WSGI server in the standard
>> library, for educational purposes only, and a warning that it shouldn't
>> really be used for production purposes.

[Bill Janssen]
> I strongly disagree with this thinking. Non-production code shouldn't
> go into the stdlib; instead, Alan's proposed module should go onto
> some pedagogical website somewhere with appropriate tutorial
> documentation.

I still disagree ;-)

IMO, the primary reason for not including production servers in the standard library is that servers need to be maintained much more fastidiously than the standard library, and need to be released on a timescale that is independent of python releases.

Note the security hole uncovered in the standard library xml-rpc lib last year.

PSF-2005-001 - SimpleXMLRPCServer.py allows unrestricted traversal
http://www.python.org/security/PSF-2005-001/

This particular security hole is the very reason why the Python Security Response Team had to be founded, and required point-releases of the entire python distribution to fix, i.e. python 2.3.5 and python 2.4.1 were released simply to fix this bug.

There are two primary areas of the python distro that can result in such significant security holes.

1. Crypto libraries. Fortunately, the Timbot has been carefully watching over us, and ensuring the excellence of the python crypto libraries (as witnessed by the appearance of Ron Rivest on python-dev (!) last December):
http://mail.python.org/pipermail/python-dev/2005-December/058850.html

2. Internet-exposed servers. No matter how careful developers are, it is very difficult to avoid designing security holes into such servers.

Therefore, IMHO, it is wrong to include such servers in the standard distribution. Instead, production-ready servers should be independent of the standard distribution, have their own development teams, have independent release-cycles, etc, etc: think Twisted, mod_python, etc.

So, I still think that only basic educational/playpen servers should go in the standard library, with an indication that the user should pick an openly server from outside the distro if they require to do serious server work.

Maybe if there were no "production-ready" servers in the standard library, there would be no need for a "Python Security Response Team".

Just my €0,02.

Regards,

Alan.

_______________________________________________
Web-SIG mailing list
Web-SIG@python.org
Web SIG: http://www.python.org/sigs/web-sig
Unsubscribe: http://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
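The advisory cited in the message (PSF-2005-001, "SimpleXMLRPCServer.py allows unrestricted traversal") is about a dispatcher that resolved dotted method names by walking object attributes without limit. The following is an added illustration of that bug class and of the corresponding check; it is constructed for this page and is not code from the message, from the advisory, or from the Python standard library. The `Calculator` class, the two resolver functions and `dispatch` are all hypothetical names.

```python
"""Toy RPC dispatcher showing the attribute-traversal bug class behind
PSF-2005-001 and the check that closes it.  Constructed example; not the
standard library's SimpleXMLRPCServer code."""


class Calculator:
    """Object exported over RPC.  Only add() and mul() are meant to be callable
    remotely; _secret is internal state that must stay unreachable."""

    def __init__(self, secret):
        self._secret = secret

    def add(self, a, b):
        return a + b

    def mul(self, a, b):
        return a * b


def resolve_unrestricted(obj, dotted):
    """Naive resolver: follows every component of a dotted name with getattr.
    This is the bug class: a client-supplied name can reach private attributes
    and, via attributes such as __self__, wander to objects never exported."""
    for part in dotted.split('.'):
        obj = getattr(obj, part)
    return obj


def resolve_restricted(obj, dotted, allow_dotted_names=False):
    """Hardened resolver.  By default no traversal is allowed at all; when it
    is explicitly enabled, components beginning with an underscore are refused
    and the final target must be callable."""
    if '.' in dotted and not allow_dotted_names:
        raise AttributeError('dotted method names are not permitted')
    for part in dotted.split('.'):
        if part.startswith('_'):
            raise AttributeError(
                'attempt to access private attribute %r' % part)
        obj = getattr(obj, part)
    if not callable(obj):
        raise AttributeError('%r is not a callable method' % dotted)
    return obj


def dispatch(instance, method, params, resolver=resolve_restricted):
    """Dispatch one call.  Returns ('ok', value) on success or
    ('fault', message) when the name cannot be resolved or the call fails,
    mirroring how an RPC server would turn the error into a fault reply."""
    try:
        target = resolver(instance, method)
        return ('ok', target(*params))
    except (AttributeError, TypeError) as exc:
        return ('fault', str(exc))


if __name__ == '__main__':
    calc = Calculator('constructed-secret-value')
    # Legitimate call works with either resolver.
    print(dispatch(calc, 'add', (2, 3)))
    # The naive resolver exposes private state; the restricted one refuses.
    print(resolve_unrestricted(calc, '_secret'))
    print(dispatch(calc, '_secret', ()))
    # Traversal through a bound method's __self__ is refused by default.
    print(dispatch(calc, 'add.__self__.mul', (2, 3)))
```

The two behaviours to compare are `resolve_unrestricted`, which reaches `_secret` from a client-supplied name, and `resolve_restricted`, which refuses dotted names unless the server opts in and refuses underscore-prefixed components even then. The standard library's fix took the same shape: in current Python, `xmlrpc.server.SimpleXMLRPCServer.register_instance(instance, allow_dotted_names=False)` defaults traversal to off.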