Hi,
the update thing looks sane to me, but only IF you can really trust
that crc/md5 part, which you didn't flesh out very much. I really don't
know enough about crypto stuff to comment on this part. Some things to
think about, anyway: How exactly will this work? How can you be sure
that hackers won't use this mechanism to replace your code with theirs?
You might argue that you won't have enough installations to get hackers
interested in your server. In closed networks, well okay. But I
wouldn't run this on an internetwide accessible machine.
I don't know what your situation is; if this is for a larger
organization: do you run an automatic software deployment tool in your
organization? These do the same thing, but for all kinds of apps. Why
not use that to deliver updates? If you don't have such a thing but can
afford it, think about buying one. I can give you some pointers if
you're interested; I used to work in that field.
Cheers,
Stefan
On 15.09.2004, at 14:46, Brad Tilley wrote:
I've written and tested a *very basic* socket server that I'll have to
deploy soon... sooner than I'd like as much of the functionality that
I want to include hasn't been implemented or even tested yet. So, I've
been thinking about writing a function that has the ability to upgrade
the socket server remotely. However, I have never done anything like
this so I'm looking for tips and advice on the subject.
The socket server runs continuously listening for connections so I'll
always be able to communicate with it. Here's some pseudo code that
captures the essence of what I'd like to do:
def update_urself():
receive updated socket server code & write it to a file
verify file with crc or md5sum check on both ends
if verify is OK:
close all connections
replace sock_serv.py with sock_serv_update.py
if conn.recv == 'UPDATE'
update_urself()
Does this look sane?
--
http://mail.python.org/mailman/listinfo/python-list
//
st****@eischet.com //