Brett Cannon added the comment: This can't change in Python 2.7 because of backwards-compatibility. And I would argue this isn't a serious security risk as pkgutil.get_data() typically works with string constants and values provided by the library and not user-provided values. This is basically the same as taking a value for open() and has the same risks.
---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue25330> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
