[mod_python] Re: Question about Session security

Stephane Bortzmeyer bortzmeyer at nic.fr
Thu Jun 16 10:03:27 EDT 2005


On Thu, Jun 16, 2005 at 09:44:44PM +0800,
 Wouter van Marle <wouter at squirrel-systems.com> wrote 
 a message of 87 lines which said:

> For a mere authorisation to post messages in a board, or to track
> share ratios (think of BitTorrent sites), that kind of things, I
> would say it is safe enough.

Sure. So is not taking IP addresses into account. Remember that the OP
wanted "more security" by appending the IP address of the client,
while still sending the cookie in plaintext. I just pointed the
contradiction.



More information about the Mod_python mailing list