On Jan 15, 2014, at 11:31 AM, Chris Angelico <ros...@gmail.com> wrote:
> On Thu, Jan 16, 2014 at 3:25 AM, William Ray Wing <w...@mac.com> wrote: >> On Jan 15, 2014, at 7:52 AM, Chris Angelico <ros...@gmail.com> wrote: >>> One of the fundamentals of the internet is that connections *will* >>> break. A friend of mine introduced me to Magic: The Gathering via a >>> program that couldn't handle drop-outs, and it got extremely >>> frustrating - we couldn't get a game going. Build your server such >>> that your clients can disconnect and reconnect, and you protect >>> yourself against half the problem; allow them to connect and kick the >>> other connection off, and you solve the other half. >> >> But note VERY carefully that this can open HUGE security holes if not done >> with extreme care. >> >> Leaving a dangling connection (not session, TCP closes sessions) open is an >> invitation so bad things happening. > > Not sure what you mean here. I'm assuming an authentication system > that stipulates one single active connection per authenticated user > (if you reauthenticate with the same credentials, it'll disconnect the > other one on the presumption that the connection's been lost). In > terms of resource wastage, there's no difference between disconnecting > now and letting it time out, and waiting the ten minutes (or whatever) > and then terminating cleanly. Or do you mean another user gaining > access? It's still governed by the same authentication. > I was assuming another user picking up the connection using sniffed credentials (and yes, despite all the work on ssh, not all man-in-the-middle attacks have been killed). -Bill > ChrisA > -- > https://mail.python.org/mailman/listinfo/python-list -- https://mail.python.org/mailman/listinfo/python-list
