Message269583
OK, so a 3rd party module providing a "safe_exec" function would make a good proof of concept, I assume. You could probably do that using comtypes or pywin32.
I'm not going to try to say what is or isn't a security threat, that's not my expertise. But I am puzzled as to why "use safe_exec rather than exec" isn't an option, but "use python with the malware scanning option enabled" is. Maybe it's like the Powershell execution policy model, though.
I still don't want it to scan my trusted scripts, though. More interpreter startup overhead? No thanks.
Anyway, thanks for the clarification. It's early days yet to be debating this level of detail, so I'll leave it there. |
|
Date |
User |
Action |
Args |
2016-06-30 15:17:10 | paul.moore | set | recipients:
+ paul.moore, brett.cannon, tim.golden, zach.ware, steve.dower, Alexander Riccio |
2016-06-30 15:17:10 | paul.moore | set | messageid: <1467299830.43.0.645477781103.issue26137@psf.upfronthosting.co.za> |
2016-06-30 15:17:10 | paul.moore | link | issue26137 messages |
2016-06-30 15:17:10 | paul.moore | create | |
|