August 2018
Intermediate to advanced
366 pages
10h 14m
English
Content preview from Modern Python Standard Library Cookbook
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
There's more...
XMLRPCServices has big security implications, and so you should never use SimpleXMLRPCServer on an open network.
The most obvious concern is that you are allowing remote-code execution to anyone as the XMLRPC server is unauthenticated. So, the server should only run on private networks where you can ensure that only trusted clients will be able to access the services.
But even if you provide proper authentication in front of the service (which is possible by using any HTTP proxy in front of it), you still want to ensure that you trust the data your clients are going to send because XMLRPCServices suffers from some security limitations.
The data being served is exchanged in clear text, so anyone able to sniff your network will ...