gnumed-devel

Re: [Gnumed-devel] thanks re mimencode


From: syan tan
Subject: Re: [Gnumed-devel] thanks re mimencode
Date: 12 May 2002 21:01:00 +1000

On Sun, 2002-05-12 at 17:08, Horst Herb wrote:
> On Sat, 11 May 2002 09:28, syan tan wrote:
> >   I'm not sure how ssl can be bypassed, but maybe you mean if someone
> > goes into the protocol and intercepts at a low level (e.g. IP packets),
> > it could be possible to spoof client or server authentication and
> 
> You are thinking too complicated. I wasn't talking about breaking into the 
> SSL connection at all. I said that it was impossible to ensure that the 
> middleware cannot be bypassed - a client can always connect directly to 
> the backend, no way to prevent this from happening in a reliable 
> waterproof way.
> 
> >   BTW, does anyone know if python was coded so that address space
> > violations don't happen, e.g. buffer write length limits in all input
> > output functions?
> 
> Correct. Memory handling is done by python, and as long as python is bug 
> free ;-) address space violations cannot happen no matter how bad your 
> code is.
> Exception: you have to realize that most variables are passed "by 
> reference", and though you cannot violate the address space, you are prone 
> to overwrite data you didn't intend to overwrite.
> 
> Horst

Does that include firewall servers, e.g. which say receive in HTTP some
embedded protocol (e.g. SOAP), which does some validation of received
requests, then reconstructs requests, then forwards to the real server,
which is on a different network (the intranet LAN)?
Requests to the proxy firewall on the PostgreSQL port aren't forwarded,
but could be logged.
If I've left out something, please reply, because I
am trying to get a handle on security issues at the moment.
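
Horst's two points about Python quoted above (an out-of-range write cannot corrupt memory, but an object passed by reference can be overwritten unintentionally), as an added example that is not part of the original thread. The record fields and function names are hypothetical and the sample data is constructed.

```python
import copy


def out_of_bounds_write(buf, index, value):
    """Write past the end of a list: Python raises, memory is not corrupted."""
    try:
        buf[index] = value
        return "written"
    except IndexError:
        return "IndexError"


def normalise_unsafe(record):
    """Mutates the caller's object: the argument is a reference, not a copy."""
    record["name"] = record["name"].upper()
    record["allergies"].append("unknown")
    return record


def normalise_shallow(record):
    """Shallow copy protects top-level keys only; the nested list is shared."""
    rec = dict(record)
    rec["name"] = rec["name"].upper()
    rec["allergies"].append("unknown")  # still the caller's list
    return rec


def normalise_safe(record):
    """Deep copy: nothing reachable from the caller's record is modified."""
    rec = copy.deepcopy(record)
    rec["name"] = rec["name"].upper()
    rec["allergies"].append("unknown")
    return rec


def demo():
    # Constructed sample record (hypothetical fields, not GNUmed's schema).
    original = {"name": "smith", "allergies": ["penicillin"]}
    result = {"oob": out_of_bounds_write([0] * 4, 10, 1)}
    normalise_safe(original)
    result["after_safe"] = copy.deepcopy(original)
    normalise_shallow(original)
    result["after_shallow"] = copy.deepcopy(original)
    returned = normalise_unsafe(original)
    result["after_unsafe"] = copy.deepcopy(original)
    result["unsafe_returns_same_object"] = returned is original
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```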




