Steve Dower added the comment: > what's to stop the attacker from distributing their own interpreter that just > doesn't use AMSI?
AppLocker https://technet.microsoft.com/en-us/library/ee619725.aspx (In short, restrict which executables can be run on a particular system by path/certificate/etc.) Also a combination of ACLs and the fact that they may not be able to copy files onto the system directly anyway - see my post just before yours. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue26137> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
