This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author steve.dower
Recipients christian.heimes, docs@python, steve.dower, vstinner
Date 2021-03-08.21:06:56
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1615237616.3.0.945746026966.issue43438@roundup.psfhosted.org>
In-reply-to
Content 
To clarify my position on this (as the PEP author):

* audit hooks added *after* initialization (including via the Python API) are not intended for security, but for logging/debugging, and so bypasses are not considered security issues
* audit hooks added *before* Python is initialized should not be able to be bypassed *without* prior events indicating that a bypass is going to occur. Ways of bypassing/removing them without prior indicators should be reported as security issues

And note that all compile()d, imported or exec()d code should have been collected, which means any security bypass has to happen without arbitrary code execution.

These hooks are only one tool necessary to create a more secured environment, not the whole thing. (And note that I said "more secured" not "secure", because it's only as secure as you make it. The relative descriptor is deliberate.)
History
Date User Action Args
2021-03-08 21:06:56steve.dowersetrecipients: + steve.dower, vstinner, christian.heimes, docs@python
2021-03-08 21:06:56steve.dowersetmessageid: <1615237616.3.0.945746026966.issue43438@roundup.psfhosted.org>
2021-03-08 21:06:56steve.dowerlinkissue43438 messages
2021-03-08 21:06:56steve.dowercreate