On 30/03/2021 19.01, Barry Warsaw wrote: > Hello Mario, > > Thank you for your submission of PEP 648 (Extensible customizations of the > interpreter at startup). The Python Steering Council has reviewed the PEP > and before we can pronounce on it, we have some additional questions and > comments we’d like you to address. Once these questions are settled, we are > requesting that you post the PEP to python-dev for another round of comments.
Hi Mario, could you please include a security analysis of the feature, too? I would like to avoid new ways to exploit Python. In particular I don't think that -S (no site module) is the right way to disable __sitecustomize__. It disables too much useful features. It might be a good idea to disable __sitecustomize__ with -I (isolated mode). There should be a new audit event, too. Christian _______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/UFADYZGCTF6ZJUX66VAK4XYMJBL6TMMW/ Code of Conduct: http://python.org/psf/codeofconduct/