Security is a wide field ...
You think you are already safe on the process/local execution side in the sense that no input to your program will allow remote execution of arbitrary code on your server (due to buffer overflows). Simply using -T dosen't make your program sure, because security is a way of thinking and not something you get by applying some magic command line switch to your script. But if you have gone over your script and also have looked at the calls to open() (these could allow shell code to be executed) you are believably safe.
The remaining attacks are less security-wise attacks but more attacks on your protocol and attacks on your infrastructure. Attacks on your infrastructure are Denial Of Service attacks which could flood your server or clients with many big packets, eating their bandwidth (or simply connecting many clients to your server, so that your server has to send one megabyte to all the clients for every byte sent to the server, or simply creating a loop where the server accepts itself as a client). Attacks on the infrastructure are best opposed by monitoring the system and setting the "right" ulimits. Attacks on the protocol itself (like sending bogus client addresses, making the server believe that it connects to itself etc.) must be determined by looking at your protocol (which you haven't told us about, but I guess these attacks are not really possible, as your protocol simply relies on the TCP connection being made).
Update : crazyinsomniac pointed out that I forgot to mention perlsec, the Perl security manpage. My bad indeed.
perl -MHTTP::Daemon -MHTTP::Response -MLWP::Simple -e ' ; # The $d = new HTTP::Daemon and fork and getprint $d->url and exit;#spider ($c = $d->accept())->get_request(); $c->send_response( new #in the HTTP::Response(200,$_,$_,qq(Just another Perl hacker\n))); ' # web
In reply to Re: Multithread Server security
by Corion
in thread MULTITHREAD SERVER
by katzuma
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |