This issue tracker has been migrated to GitHub ,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2014年09月15日 19:16 by devin, last changed 2022年04月11日 14:58 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| pydoc_server_addr.patch | devin, 2014年09月15日 19:16 | review | ||
| issue22421.diff | orsenthil, 2014年09月16日 15:01 | review | ||
| Messages (6) | |||
|---|---|---|---|
| msg226935 - (view) | Author: Devin Cook (devin) | Date: 2014年09月15日 19:16 | |
Several years ago a patch was applied to set the default binding of the pydoc server to "localhost" instead of "0.0.0.0". It appears that the issue was reintroduced in a5a3ae9be1fb. See previous issue: http://bugs.python.org/issue672656 $ ./python -m pydoc -b Server ready at http://localhost:35593/ Server commands: [b]rowser, [q]uit server> --- $ netstat -lnp | grep python tcp 0 0 0.0.0.0:35593 0.0.0.0:* LISTEN 2780/python As a sidenote, I'm not sure why the localhost lookup breaks the test case on my linux machine, but it does. |
|||
| msg226947 - (view) | Author: Senthil Kumaran (orsenthil) * (Python committer) | Date: 2014年09月16日 11:34 | |
The localhost breaking on your linux system might be due to improper /etc/hosts or is localhost pointing to an ipv6 address? That said, I think it is okay to rely on 127.0.0.1 as host for running pydoc server. I am unsure why the initial check was done only for mac (and windows and linux are left to use localhost). |
|||
| msg226954 - (view) | Author: Senthil Kumaran (orsenthil) * (Python committer) | Date: 2014年09月16日 15:01 | |
sys.platform is darwin since OS X 10.5. I am not sure when it's value was 'mac', So effectively the host was localhost on mac systems. Directly setting the host value to localhost on all platforms may be right thing to do. Here is a patch with tests. |
|||
| msg226980 - (view) | Author: Roundup Robot (python-dev) (Python triager) | Date: 2014年09月17日 05:19 | |
New changeset c438f6aaafa9 by Senthil Kumaran in branch '3.3': Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all interfaces. https://hg.python.org/cpython/rev/c438f6aaafa9 New changeset d36c0f2ab821 by Senthil Kumaran in branch '3.4': Merge from 3.3 https://hg.python.org/cpython/rev/d36c0f2ab821 New changeset 9f7b97fac919 by Senthil Kumaran in branch 'default': Merge from 3.4 https://hg.python.org/cpython/rev/9f7b97fac919 |
|||
| msg226981 - (view) | Author: Senthil Kumaran (orsenthil) * (Python committer) | Date: 2014年09月17日 05:22 | |
2.7 was not affected and it was binding to localhost properly. Since it is security related issue, I have fixed it in 3.3 as well. Fix is now present in 3.4 and 3.5 |
|||
| msg227918 - (view) | Author: Roundup Robot (python-dev) (Python triager) | Date: 2014年09月30日 13:48 | |
New changeset 02dae04b3e2b by Georg Brandl in branch '3.2': Issue #22421 - Secure pydoc server run. Bind it to localhost instead of all interfaces. https://hg.python.org/cpython/rev/02dae04b3e2b |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022年04月11日 14:58:08 | admin | set | github: 66611 |
| 2014年09月30日 13:48:38 | python-dev | set | messages: + msg227918 |
| 2014年09月30日 13:39:45 | Arfrever | set | nosy:
+ Arfrever |
| 2014年09月17日 05:22:06 | orsenthil | set | status: open -> closed versions: + Python 3.3, - Python 2.7 messages: + msg226981 resolution: fixed stage: patch review -> resolved |
| 2014年09月17日 05:19:52 | python-dev | set | nosy:
+ python-dev messages: + msg226980 |
| 2014年09月16日 15:01:13 | orsenthil | set | files:
+ issue22421.diff assignee: orsenthil messages: + msg226954 |
| 2014年09月16日 12:41:52 | pitrou | set | stage: patch review versions: + Python 2.7, Python 3.4, Python 3.5 |
| 2014年09月16日 11:34:05 | orsenthil | set | nosy:
+ orsenthil messages: + msg226947 |
| 2014年09月15日 19:16:58 | devin | create | |