Author steve.dower
Recipients dstufft, epaine, eric.araujo, eric.smith, paul.moore, serhiy.storchaka, steve.dower, tim.golden, zach.ware
Date 2020-11-08.08:22:36
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1604823756.78.0.299601319536.issue42278@roundup.psfhosted.org>
In-reply-to
Content
Yeah, once tests are excluded and the (deprecated or nearly deprecated) distutils and msilib are dropped, the problems are pydoc (which looks non-exploitable) and anywhere we need to generate a named pipe.

Both cases where named pipes are being created are as safe as the OS allows, so it's really just pydoc that might deserve a fix. (For reference, it's in the variation of help() that writes the docstring to a file and triggers the equivalent of "type <file> | more" or "cat <file> | less", which is already only useful in an interactive shell.)

So I'd suggest it's already as low as possible, but if someone wants to fix pydoc (and encourage the SC to approve PEP 594 and PEP 632 so we don't have to worry about msilib or distutils) then they can feel free.
History
Date                 User         Action         Args
2020-11-08 08:22:36  steve.dower  setrecipients  + steve.dower, paul.moore, eric.smith, tim.golden, eric.araujo, zach.ware, serhiy.storchaka, dstufft, epaine
2020-11-08 08:22:36  steve.dower  setmessageid   <1604823756.78.0.299601319536.issue42278@roundup.psfhosted.org>
2020-11-08 08:22:36  steve.dower  link           issue42278 messages
2020-11-08 08:22:36  steve.dower  create
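As an added example (not code from the issue or from CPython's pydoc), the pattern the message describes: dump text to a temporary file, then run the equivalent of "cat <file> | less" on it. It shows why choosing a name and then calling open() is racy (an attacker who plants a symlink at that name redirects the write) and what atomic, exclusive, 0o600 creation, which is what tempfile.mkstemp() does for you, buys. All function names, the planted-symlink demo and the Python-based stand-in pager are assumptions for illustration; the demo relies on POSIX semantics (os.symlink, O_NOFOLLOW).

```python
"""Temp-file-then-pager: racy name selection vs exclusive creation.

Added example, not CPython code. Function names and the stand-in pager
command are assumptions made for this illustration.
"""
import os
import subprocess
import sys
import tempfile

ATTACKER_TEXT = "attacker-controlled text\n"   # constructed sample input


def unsafe_write(path, text):
    """The racy pattern: a pre-chosen (predictable) name, then plain open().
    open(path, "w") follows an existing symlink, so if an attacker planted
    `path` -> victim between name selection and open(), `text` lands in
    the victim file with the caller's privileges."""
    with open(path, "w", encoding="utf-8") as f:
        f.write(text)
    return os.path.realpath(path)   # where the bytes actually went


def exclusive_write(path, text):
    """Create `path` atomically: O_EXCL fails if anything (file or symlink)
    already exists there, O_NOFOLLOW refuses to traverse a symlink, and the
    0o600 mode keeps other users from reading the dumped text."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)   # raises FileExistsError on a planted entry
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        f.write(text)
    return os.path.realpath(path)


def write_secure_tempfile(text, prefix="pydoc-"):
    """What tempfile.mkstemp() gives you in one call: an unpredictable name
    plus the exclusive, 0o600 creation above. Returns the path; the caller
    is responsible for deleting it."""
    fd, path = tempfile.mkstemp(prefix=prefix, suffix=".txt")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as f:
            f.write(text)
    except BaseException:
        os.unlink(path)
        raise
    return path


def secure_roundtrip(text):
    """Write via write_secure_tempfile, read it back, clean up.
    Returns (content_read_back, permission_bits, exists_after_cleanup)."""
    path = write_secure_tempfile(text)
    try:
        mode = os.stat(path).st_mode & 0o777
        with open(path, encoding="utf-8") as f:
            content = f.read()
    finally:
        os.unlink(path)
    return content, mode, os.path.exists(path)


def default_pager():
    """Stand-in for `less`/`more` (assumption): a Python one-liner that prints
    the file it is handed, so the example runs without a terminal pager."""
    return [sys.executable, "-c", "import sys; print(open(sys.argv[1]).read())"]


def show_with_pager(text, pager_cmd):
    """Equivalent of `cat <file> | less`: dump text to a securely created temp
    file, run the pager on it, remove the file afterwards. Returns the pager's
    exit status."""
    path = write_secure_tempfile(text)
    try:
        return subprocess.run(pager_cmd + [path], check=False).returncode
    finally:
        os.unlink(path)


def run_symlink_race_demo():
    """Simulate the attacker winning the race: plant a symlink where the
    predictable temp file 'should' appear, then try both writers."""
    with tempfile.TemporaryDirectory() as tmpdir:
        victim = os.path.join(tmpdir, "victim")
        with open(victim, "w", encoding="utf-8") as f:
            f.write("original\n")
        planted = os.path.join(tmpdir, "pydoc-predictable.txt")
        os.symlink(victim, planted)

        unsafe_target = unsafe_write(planted, ATTACKER_TEXT)
        with open(victim, encoding="utf-8") as f:
            victim_after_unsafe = f.read()

        try:
            exclusive_write(planted, ATTACKER_TEXT)
            exclusive_refused = False
        except FileExistsError:
            exclusive_refused = True

        return {
            "unsafe_wrote_to_victim": unsafe_target == os.path.realpath(victim),
            "victim_after_unsafe": victim_after_unsafe,
            "exclusive_refused": exclusive_refused,
        }


if __name__ == "__main__":
    print(run_symlink_race_demo())
    print("pager exit status:", show_with_pager("help text\n", default_pager()))
```

The point of the demo is that the fix is not "pick a better random name" but "create the file in a way that fails closed if the name is already taken": mkstemp() combines both, which is why it is the usual replacement for the predict-a-name-then-open() pattern. Note that mkstemp() cannot help with the named-pipe case the message mentions, since a FIFO has to be created by name (mkfifo) rather than opened exclusively, which is why that case is left to what the OS allows.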