Message 258458 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	Alexander Riccio
Recipients	Alexander Riccio, paul.moore, steve.dower, tim.golden, zach.ware
Date	2016-01-17.10:07:07
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1453025227.24.0.844480386092.issue26137@psf.upfronthosting.co.za>
In-reply-to

Content
When I say "I'm really not sure what it'd look like, or how it'd work" I mean at the C level. At a higher level, there are many places that I imagine are good places to use AMSI: Perhaps expressions passed in from the command line (-c) should be scanned; maybe pip packages should be scanned on installation, and maybe untrusted packages should be scanned right before execution... Then it's a matter of calling the AMSI APIs in the right places; I don't know where those are.

When I say "I'm really not sure what it'd look like, or how it'd work" I mean at the C level. At a higher level, there are many places that I imagine are good places to use AMSI: Perhaps expressions passed in from the command line (-c) should be scanned; maybe pip packages should be scanned on installation, and maybe untrusted packages should be scanned right before execution...

Then it's a matter of calling the AMSI APIs in the right places; I don't know where those are.

History
Date	User	Action	Args
2016-01-17 10:07:07	Alexander Riccio	set	recipients: + Alexander Riccio, paul.moore, tim.golden, zach.ware, steve.dower
2016-01-17 10:07:07	Alexander Riccio	set	messageid: <1453025227.24.0.844480386092.issue26137@psf.upfronthosting.co.za>
2016-01-17 10:07:07	Alexander Riccio	link	issue26137 messages
2016-01-17 10:07:07	Alexander Riccio	create