Author brett.cannon
Recipients Antony.Lee, WGH, brett.cannon
Date 2016-04-12.17:40:12
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1460482812.75.0.561831840608.issue25330@psf.upfronthosting.co.za>
In-reply-to
Content
This can't change in Python 2.7 because of backwards-compatibility. And I would argue this isn't a serious security risk as pkgutil.get_data() typically works with string constants and values provided by the library and not user-provided values. This is basically the same as taking a value for open() and has the same risks.
History
Date User Action Args
2016-04-12 17:40:12brett.cannonsetrecipients: + brett.cannon, Antony.Lee, WGH
2016-04-12 17:40:12brett.cannonsetmessageid: <1460482812.75.0.561831840608.issue25330@psf.upfronthosting.co.za>
2016-04-12 17:40:12brett.cannonlinkissue25330 messages
2016-04-12 17:40:12brett.cannoncreate