Steve Dower added the comment: Unless you can show that it's loaded after the installer elevates, I'm not concerned. "User can run arbitrary code as themselves" is not a security vulnerability. (Hint: when the bundle elevates, it copies the exe to a new directory and runs it from there to avoid this issue.)
I'll leave this open for a few days in case of more comments. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue27410> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
