[mod_python] Mod_python Security

marinus van aswegen mvanaswegen at gmail.com
Fri Mar 3 03:12:01 EST 2006

Thanks guys, just what I was looking for. I suspect the safest way to deploy
my mod_python app is to ensure that all calls go through one function via
the publisher ...eg. cmd.py/<what ever cmd you want>.

I'd like to be able to detect if debugging is on via my cmd, so that it will
refuse to exec and return a page indicating that it's down for maint. Is
there a way from inside my script?

Next step is to sanitise input, I'm thinking of using a white list of chars.
Is there a way to ensure that all input will be non Unicode?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mm_cfg_has_not_been_edited_to_set_host_domains/pipermail/mod_python/attachments/20060303/98db6a37/attachment.html

More information about the Mod_python mailing list