Author steve.dower
Recipients christian.heimes, frankli, steve.dower, zkonge
Date 2020-07-02.22:47:13
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1593730033.27.0.769097035266.issue41162@roundup.psfhosted.org>
In-reply-to
Content
PR 21222 (with test updates) is a good fix, though we know there can still be arbitrary code executed afterwards. But it's not in a place where we can reliably hook.

Probably the best thing to do is to make sure that events are raised for anything that would be required to add code there. Though that may not be feasible either, but since nobody should be doing that kind of thing deliberately, detection is just as valuable as prevention.
History
Date User Action Args
2020-07-02 22:47:13steve.dowersetrecipients: + steve.dower, christian.heimes, zkonge, frankli
2020-07-02 22:47:13steve.dowersetmessageid: <1593730033.27.0.769097035266.issue41162@roundup.psfhosted.org>
2020-07-02 22:47:13steve.dowerlinkissue41162 messages
2020-07-02 22:47:13steve.dowercreate