This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author paul.moore
Recipients Elli Pirelli, eryksun, paul.moore, steve.dower, tim.golden, zach.ware
Date 2021-02-25.22:48:22
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1614293302.64.0.925308139769.issue29399@roundup.psfhosted.org>
In-reply-to
Content 
No, because I want to work with whatever version of Python the user puts there. Yes, I could search for "python3*.dll" and load the one I find, but I'm writing this in C, and I get a migraine whenever I have to write more than about 15 lines of C code these days :-)

It's not a big deal either way, though. That project turned out to be too much effort to be worth it, so it's now mostly just a proof-of-concept experiment.

> most of us consider a critical security vulnerability rather than a feature

:-) Given that my execution model is "run a user-supplied Python script with a user-supplied interpreter" I think any attacker has far easier ways of compromising things than hijacking python3.dll...
History
Date User Action Args
2021-02-25 22:48:22paul.mooresetrecipients: + paul.moore, tim.golden, zach.ware, eryksun, steve.dower, Elli Pirelli
2021-02-25 22:48:22paul.mooresetmessageid: <1614293302.64.0.925308139769.issue29399@roundup.psfhosted.org>
2021-02-25 22:48:22paul.moorelinkissue29399 messages
2021-02-25 22:48:22paul.moorecreate