Author ned.deily
Recipients Iman Sharafaldin, ned.deily
Date 2020-07-01.19:37:22
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1593632242.25.0.604036170524.issue41189@roundup.psfhosted.org>
In-reply-to
Content
> my only goal was to help Python community (which I love it) to improve the code quality

Thanks for trying to improve things, we do appreciate it!

The idea here is that to be able to exploit the crashing pyc file, you need to be able to run an arbitrary pyc file on the web service and to do that the attacker has to have access somehow to the interpreter. If the web service has a hole to allow that, many bad things are possible. That's true for many other languages and tools, too.  So it's just not worth worrying about being able to crash with a fuzzed pyc file since, if you can exploit that, you can exploit in much easier ways.
History
Date User Action Args
2020-07-01 19:37:22ned.deilysetrecipients: + ned.deily, Iman Sharafaldin
2020-07-01 19:37:22ned.deilysetmessageid: <1593632242.25.0.604036170524.issue41189@roundup.psfhosted.org>
2020-07-01 19:37:22ned.deilylinkissue41189 messages
2020-07-01 19:37:22ned.deilycreate