On Mon, 27 Feb 2023 at 08:33, python--- via Python-ideas <python-ideas@python.org> wrote: > > Thank you for the insight. I have some more work to do! I will share on this > thread again when I've made further changes. > > If you have some time, I would be grateful if you could share a few test > cases such as "bypass it by spinning off a new thread", or. > object.__subclasses__. code is not necessary but just pointers. >
The trouble with that is, I don't really want to build and run your Python just for the test, so all I can really do is talk theoretically. But if you can name any module that IS permitted to import code, I can attempt (on a vanilla Python) to trigger it to import something of my choice. It's worth noting, for instance, that sys.path and its friends can be manipulated to control what would be imported; a trusted module could potentially be tricked into importing anything at all. Python simply isn't designed for security boundaries. ChrisA _______________________________________________ Python-ideas mailing list -- python-ideas@python.org To unsubscribe send an email to python-ideas-le...@python.org https://mail.python.org/mailman3/lists/python-ideas.python.org/ Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/S4NR6RT3MBA4E3K5SQNU2BD26V2Z3AGT/ Code of Conduct: http://python.org/psf/codeofconduct/
