This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author Anthony Sottile
Recipients Anthony Sottile, Chris Billington, Ivan.Pozdeev, Peter L3, SilentGhost, __Vano, barry, brett.cannon, cheryl.sabella, christian.heimes, eric.smith, eric.snow, ethan smith, ionelmc, jaraco, mhammond, ncoghlan, pitrou, steve.dower, takluyver, terry.reedy, veky
Date 2019-03-07.03:04:58
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
> > There was a single .pth file that I deemed "malicious" since it
completely breaks the `subprocess` module (`subprocess-run`)
> It only seems to set an attribute. What's wrong with that? Does the early
import of subprocess cause problems?

It assigns ``, which is an api in python3.5+.  In those versions, `subprocess.check_*` is implemented in terms of ``.   The `` provided by that package has a different api than the stdlib one so any use of the subprocess module is broken just by having that package installed
Date User Action Args
2019-03-07 03:04:59Anthony Sottilesetrecipients: + Anthony Sottile, mhammond, barry, brett.cannon, terry.reedy, jaraco, ncoghlan, pitrou, eric.smith, christian.heimes, ionelmc, SilentGhost, __Vano, eric.snow, takluyver, steve.dower, veky, Ivan.Pozdeev, ethan smith, cheryl.sabella, Chris Billington, Peter L3
2019-03-07 03:04:59Anthony Sottilesetmessageid: <>
2019-03-07 03:04:59Anthony Sottilelinkissue33944 messages
2019-03-07 03:04:58Anthony Sottilecreate