On Fri, 17 Aug 2012 02:27:42 +0000, Steven D'Aprano wrote: > On Fri, 17 Aug 2012 08:43:50 +1000, Chris Angelico wrote: > >> On Fri, Aug 17, 2012 at 6:54 AM, Eric Frederich >> <eric.freder...@gmail.com> wrote: >>> Hello, >>> >>> I have a bunch of Python bindings for a 3rd party software running on >>> the server side. >>> I can add client side extensions that communicate over some http / xml >>> type requests. >>> So I can define functions that take a string and return a string. I >>> would like to get a simple read eval print loop working. >> >> Let's stop *right there*. You're looking for something that will run on >> your server, take strings of text from a remote computer, and eval >> them. >> >> Please, please, please, on behalf of every systems administrator in the >> world I beg you, please do not do this. >> >> Instead, define your own high-level protocol > > Stop right there! > > There is already awesome protocols for running Python code remotely over > a network. Please do not re-invent the wheel without good reason. > > See pyro, twisted, rpyc, rpclib, jpc, and probably many others.
I think you missed the main point of the previous post which was. Do NOT blindly eval data sent from a remote computer as is cannot be trusted. This of course is assuming they are not on a secure connection, but even then it is good practice as not all attacks come from outside. although i have to agree with you about not re-inventing wheels, they invariably come out square :-) -- <Kensey> RMS for President??? <RelDrgn> ...or ESR, he wants a new job ;) -- http://mail.python.org/mailman/listinfo/python-list
