Author gregory.p.smith
Recipients Park Alex, gregory.p.smith, python-dev, rhettinger, serhiy.storchaka, stutzbach, vstinner
Date 2016-06-12.00:43:13
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1465692194.43.0.985950957933.issue27291@psf.upfronthosting.co.za>
In-reply-to
Content
Executing code in any form from untrusted sources can do arbitrary things.

If someone can corrupt .pyc data before python executes it, they are just as likely to be able to corrupt other things leading to more direct exploits not even requiring the CPython interpreter.
History
Date User Action Args
2016-06-12 00:43:14gregory.p.smithsetrecipients: + gregory.p.smith, rhettinger, vstinner, stutzbach, python-dev, serhiy.storchaka, Park Alex
2016-06-12 00:43:14gregory.p.smithsetmessageid: <1465692194.43.0.985950957933.issue27291@psf.upfronthosting.co.za>
2016-06-12 00:43:14gregory.p.smithlinkissue27291 messages
2016-06-12 00:43:13gregory.p.smithcreate