Safe Local XMLRPC

Hi. I'm a user of python for about 3 years now. I've written a
client-server application that uses SimpleXMLRPCServer and
xmlrpclib.ServerProxy to communicate. It's intended to be used by a
single-person as a backend and GUI frontend. I've got it running
great. Much stabler than my custom RPC I'd tried before.

I've used the default support available by these classes. Thus it will
run on a potentially public TCP/IP port. As the application backend
allows, among other things, saving files to the local filesystem, this
would be a clear security hole in the wild. Restricting it to
localhost would be a start, but not sufficient for multi-user systems.

It looks like it should be easy to modify both classes (or create
similar composite classes) that used unix-domain stream sockets. I
tried at one point and I think I got the server side, but without a
working client side it was impossible to tell. Is there a better way
to do this, or might someone point to references or sample code for
creating a unix-domain SimpleXMLRPCServer and xmlrpclib.ServerProxy?

Thanks!
-m
Jul 18 '05 #1
> I've used the default support available by these classes. Thus it will
> run on a potentially public TCP/IP port. As the application backend
> allows, among other things, saving files to the local filesystem, this
> would be a clear security hole in the wild. Restricting it to
> localhost would be a start, but not sufficient for multi-user systems.


This might not be the answer you want, but I'd personally ditch xmlrpc and
switch to something like pyro or even corba and implement a "real"
authentication scheme. They are easy to use, provide a full OO-style
interface and are even faster than xmlrpc.

Part of the problems you're facing stem from the stateless nature of xmlrpc
(and soap, for that matter). That allows everybody to access the API
without prior authentication. It requires some effort to implement an
authentication/authorization scheme over xmlrpc. What usually is done in
xmlrpc in similar situations like yours is that there is a

authenticate(user, password)

function that will return a handle on success that has to be passed to all
subsequent calls to other functions. All this because the handle can't be
associated with each and every xmlrpc request (in soap that can be done,
but it's unstandardized.)

With corba/pyro, authenticate would return an object that implicitly has
all the state needed - namely who created the connection - and then you
don't have to bother about that anymore.

Switching to pyro shouldn't be much more than a few lines of code, more or
less only subclassing your server from Pyro.core.ObjBase instead of
SimpleXMLRPCServer.

--
Regards,

Diez B. Roggisch
Jul 18 '05 #2
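The authenticate(user, password) handle pattern described in the reply above, worked through as an added Python 3 example (this is not code from the thread): the server issues an unguessable handle on success, every other method resolves the handle back to a user on the server side, and handles expire and can be revoked. SessionBroker, NoteService, the user "alice", her password and the loopback port are constructed for the example; the credential store keeps a salted PBKDF2 hash rather than the password.

```python
import hashlib
import hmac
import secrets
import threading
import time
from xmlrpc.client import Fault, ServerProxy
from xmlrpc.server import SimpleXMLRPCServer

PBKDF2_ROUNDS = 100_000  # slow enough to blunt offline guessing of a leaked hash


def make_record(password):
    """Salted PBKDF2 hash for the constructed credential store; no plaintext is kept."""
    salt = secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class SessionBroker:
    """authenticate() hands out an opaque handle; every other call must present it."""
    TTL = 600.0  # seconds a handle stays valid after it is issued

    def __init__(self, users):
        self._users = users  # name -> (salt, hash)
        self._sessions = {}  # handle -> (name, expiry)
        self._lock = threading.Lock()

    def authenticate(self, user, password):
        record = self._users.get(user)
        # Hash even for unknown users so response time does not reveal which names exist.
        salt, expected = record if record else (bytes(16), bytes(32))
        actual = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        if record is None or not hmac.compare_digest(actual, expected):
            raise Fault(401, "authentication failed")  # same answer for bad user and bad password
        handle = secrets.token_urlsafe(32)  # 256 random bits, not derived from any user data
        with self._lock:
            self._sessions[handle] = (user, time.monotonic() + self.TTL)
        return handle

    def resolve(self, handle):
        """Map a handle back to the user it was issued to, or raise a Fault the client sees."""
        with self._lock:
            entry = self._sessions.get(handle)
            if entry is None:
                raise Fault(403, "unknown handle")
            user, expiry = entry
            if time.monotonic() > expiry:
                del self._sessions[handle]
                raise Fault(403, "handle expired")
            return user

    def logout(self, handle):
        with self._lock:
            self._sessions.pop(handle, None)
        return True


class NoteService:
    """The RPC surface: each method takes the handle first and derives the user from
    it on the server side, never from a caller-supplied name."""

    def __init__(self, broker):
        self._broker = broker
        self._notes = {}  # user -> {name: text}

    def whoami(self, handle):
        return self._broker.resolve(handle)

    def save_note(self, handle, name, text):
        user = self._broker.resolve(handle)
        self._notes.setdefault(user, {})[name] = text
        return len(self._notes[user])

    def list_notes(self, handle):
        return sorted(self._notes.get(self._broker.resolve(handle), {}))


def start_server(broker, service):
    """Serve on an ephemeral loopback port in a background thread; returns (server, url)."""
    server = SimpleXMLRPCServer(("127.0.0.1", 0), logRequests=False)
    server.register_function(broker.authenticate, "authenticate")
    server.register_function(broker.logout, "logout")
    server.register_instance(service)  # exposes whoami, save_note, list_notes
    threading.Thread(target=server.serve_forever, daemon=True).start()
    host, port = server.server_address
    return server, f"http://{host}:{port}/RPC2"


def run_demo():
    """Constructed end-to-end run; returns the outcomes of each call as a dict."""
    broker = SessionBroker({"alice": make_record("correct horse battery staple")})
    server, url = start_server(broker, NoteService(broker))
    results = {}
    try:
        proxy = ServerProxy(url)
        handle = proxy.authenticate("alice", "correct horse battery staple")
        results["whoami"] = proxy.whoami(handle)
        results["count"] = proxy.save_note(handle, "todo", "ship it")
        results["names"] = proxy.list_notes(handle)
        for user, password in (("alice", "wrong"), ("mallory", "anything")):
            try:
                proxy.authenticate(user, password)
            except Fault as fault:
                results[user] = fault.faultCode
        proxy.logout(handle)
        for label, candidate in (("after_logout", handle), ("guessed", secrets.token_urlsafe(32))):
            try:
                proxy.whoami(candidate)
            except Fault as fault:
                results[label] = fault.faultCode
    finally:
        server.shutdown()
        server.server_close()
    return results
```

The handle is the only state the client holds, which is what makes the pattern fit a stateless transport; the two checks that matter are that a handle cannot be forged (random, long, compared by exact dictionary lookup) and that the user identity is always recovered from the handle on the server, so a client cannot name a different user in a call. Over a public TCP port the handle still travels in clear with every request, so this scheme needs TLS or a local-only transport underneath it.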
[Sorry, I previously replied to Diez offlist, and probably to a
spam-protected address at that. Here's that reply and my followup
after reading up on pyro.]

On Sat, 12 Mar 2005 11:08:31 -0600, Michael Urman <mu****@gmail.com> wrote:
> On Sat, 12 Mar 2005 14:12:21 +0100, Diez B. Roggisch <de*********@web.de> wrote:
> > This might not be the answer you want, but I'd personally ditch xmlrpc and
> > switch to something like pyro or even corba and implement a "real"
> > authentication scheme.
>
> I don't have a problem with switching interfaces so long as I can keep
> my (admittedly useless) feature of multiple simultaneous connections.
> I am hoping to avoid writing an authentication method, as some slight
> missteps there could lead to real trouble later; this is why I was
> hoping to do unix-domain socket transports which I could just set to
> read-write only by the owner on the filesystem itself.
>
> > With corba/pyro, authenticate would return an object that implicitly has
> > all the state needed - namely who created the connection - and then you
> > don't have to bother about that anymore.
>
> If I can get the authentication that I'm looking for that cheaply,
> then this does indeed sound like the way for me to go. I'm not worried
> about supporting remote connections, or anything of that nature, so
> local identity is sufficient. I'll look into pyro; conveniently
> there's a debian package for me to try.
>
> Thanks Diez!
> -m


Hmm. On inspection, pyro seems to be really heavy, what with its
requirement of a pyro-nameserver, and using TCP as the transport. I
think I'd still prefer convincing a variant of SimpleXMLRPCServer and
xmlrpclib.ServerProxy to use unix domain sockets and using filesystem
security to limit access to the owner.

Thanks again,
-m
Jul 18 '05 #3
Thanks for your time everyone; I got XMLRPC working over unix
domain stream sockets. In case people are interested, here's the
pieces I put together. I'm sure they throw away a little flexibility,
but they work for my purpose. Any pointers to make the code more
robust, or do less total overriding of should-be-arguments
appreciated.

-m

# Python 2 code (2005-era httplib.HTTP/xmlrpclib API)
from SocketServer import UnixStreamServer
from SimpleXMLRPCServer import SimpleXMLRPCDispatcher, SimpleXMLRPCRequestHandler
from xmlrpclib import ServerProxy, Fault, Transport
from socket import socket, AF_UNIX, SOCK_STREAM

# Server side is pretty easy - almost a direct copy of SimpleXMLRPCServer
SOCKPATH = 'testsock'
class UnixStreamXMLRPCServer(UnixStreamServer, SimpleXMLRPCDispatcher):
    def __init__(self, addr=SOCKPATH, requestHandler=SimpleXMLRPCRequestHandler):
        # critical, as logging fails with UnixStreamServer: the handler's
        # address_string() indexes client_address, which is '' for a unix socket
        self.logRequests = 0
        SimpleXMLRPCDispatcher.__init__(self)
        UnixStreamServer.__init__(self, addr, requestHandler)

# Client is a lot more complicated and feels fragile
from httplib import HTTP, HTTPConnection
class UnixStreamHTTPConnection(HTTPConnection):
    def connect(self):
        # ignore the host/port handed to HTTPConnection and open the socket file
        self.sock = socket(AF_UNIX, SOCK_STREAM)
        self.sock.connect(SOCKPATH)

class UnixStreamHTTP(HTTP):
    _connection_class = UnixStreamHTTPConnection

class UnixStreamTransport(Transport):
    def make_connection(self, host):
        # host is overridden by connect() above, but passing a value prevents IndexError
        return UnixStreamHTTP(SOCKPATH)

proxy = ServerProxy('http://' + SOCKPATH, transport=UnixStreamTransport())
# proxy now works just like any xmlrpclib.ServerProxy
Jul 18 '05 #4
> Hmm. On inspection, pyro seems to be really heavy, what with its
> requirement of a pyro-nameserver, and using TCP as the transport.


The nameserver is purely optional. Regarding the overhead of transport -
well, I didn't check pyro on that, but corba is 10-100 times faster over
the network than soap/xmlrpc. So while the local loopback _might_ be slower
(I'm not even sure about that) than the unix socket, marshalling data as
xml has its own cost overhead.
--
Regards,

Diez B. Roggisch
Jul 18 '05 #5
Diez B. Roggisch wrote:
> ... corba is 10-100 times faster over
> the network than soap/xmlrpc. ...


I'm not challenging these statistics (because I don't know),
but I would be interested in the source. Are you referring
to the results of an actual benchmark, or something more
subjective?

Steve
Jul 18 '05 #6
Stephen Waterbury wrote:
> Diez B. Roggisch wrote:
> > ... corba is 10-100 times faster over
> > the network than soap/xmlrpc. ...
>
> I'm not challenging these statistics (because I don't know),
> but I would be interested in the source. Are you referring
> to the results of an actual benchmark, or something more
> subjective?


Mainly personal experience (I run a corba server that has an xmlrpc server
on top to adapt the interface for php, which has limited corba facilities),
but there are benchmarks on this that support my claim:

http://csdl.computer.org/comp/procee...8500084abs.htm
--
Regards,

Diez B. Roggisch
Jul 18 '05 #7
