This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author steve.dower
Recipients Alexander Riccio, brett.cannon, paul.moore, steve.dower, tim.golden, zach.ware
Date 2016-06-30.13:02:36
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1467291756.71.0.957982486109.issue26137@psf.upfronthosting.co.za>
In-reply-to
Content 
AMSI is intended for local scanners that are entirely on your own machine, so code never goes anywhere, and everything that passes through the file system is already scanned because of hooks whether you wrote it or not (maybe you're thinking of SmartScreen?).

What this would add is scanning at the exec point in:

python -c exec(decrypt(open('file.bin', 'rb')))

Currently, malware scanners don't get to see the decrypted code, and I'm assured this is a common pattern for getting malware onto machines (yes, in Python).

That said, I fully expect the official releases to require a registry key to enable it (can't be env or CLI option or an attacker would just leave it out :) ). Wouldn't be on for normal use, but would be available for paranoid people.
History
Date User Action Args
2016-06-30 13:02:36steve.dowersetrecipients: + steve.dower, brett.cannon, paul.moore, tim.golden, zach.ware, Alexander Riccio
2016-06-30 13:02:36steve.dowersetmessageid: <1467291756.71.0.957982486109.issue26137@psf.upfronthosting.co.za>
2016-06-30 13:02:36steve.dowerlinkissue26137 messages
2016-06-30 13:02:36steve.dowercreate