Serhiy Storchaka <storchaka+cpyt...@gmail.com> added the comment: I think we can ignore the inspect module. It is unlikely that it will cause a crash unintentionally, and it is hard to use this for attacks. The attacker needs to create an extension function with malicious __text_signature__, but if he is able to execute arbitrary binary code, there is a much larger problem.
And perhaps there is no need to repeat the warning for exec() and eval(). They are considered more dangerous than compile(). ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue32758> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
