This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients BTaskaya, Dennis Sweeney, eric.smith, sbz, vstinner
Date 2021-04-20.18:22:30
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
In terms of security model, usually, if an attacker can execute arbitrary Python code, the game is over. Executing bytecode is the same. Python doesn't provide any tooling to validate bytecode in its stdlib.

If you consider that it's an important use case, you can create a project on PyPI to validate bytecode. I don't think that it belongs to the stdlib.

Python/ceval.c doesn't validate bytecode at runtime for performance reasons.
Date User Action Args
2021-04-20 18:22:31vstinnersetrecipients: + vstinner, eric.smith, sbz, BTaskaya, Dennis Sweeney
2021-04-20 18:22:30vstinnersetmessageid: <>
2021-04-20 18:22:30vstinnerlinkissue42422 messages
2021-04-20 18:22:30vstinnercreate