Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2017-September/149361.html below:

[Python-Dev] PEP 553 V2 - builtin breakpoint() (was Re: PEP 553: Built-in debug())

• Previous message (by thread): [Python-Dev] PEP 553 V2 - builtin breakpoint() (was Re: PEP 553: Built-in debug())
• Next message (by thread): [Python-Dev] PEP 552: deterministic pycs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 7 September 2017 at 20:02, Adrian Petrescu <apetresc at gmail.com> wrote:
> Would that not be a security concern, if you can get Python to execute
> arbitrary code just by setting an environment variable?

Not really, as once someone has write access to your process
environment, you've already lost (they can mess with PYTHONIOENCODING,
PYTHONPATH, LD_PRELOAD, OpenSSL certificate verification settings, and
more).

Cheers,
Nick.

-- 
Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia

• Previous message (by thread): [Python-Dev] PEP 553 V2 - builtin breakpoint() (was Re: PEP 553: Built-in debug())
• Next message (by thread): [Python-Dev] PEP 552: deterministic pycs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4