Steve Dower added the comment:
AMSI is intended for local scanners that are entirely on your own machine, so
code never goes anywhere, and everything that passes through the file system is
already scanned because of hooks whether you wrote it or not (maybe you're
thinking of SmartScreen?).
What this would add is scanning at the exec point in:
python -c exec(decrypt(open('file.bin', 'rb')))
Currently, malware scanners don't get to see the decrypted code, and I'm
assured this is a common pattern for getting malware onto machines (yes, in
Python).
That said, I fully expect the official releases to require a registry key to
enable it (can't be env or CLI option or an attacker would just leave it out :)
). Wouldn't be on for normal use, but would be available for paranoid people.
----------
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue26137>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
