I don't have any particular security expertise, but a few thoughts anyway...

- your big list of logged events seems to be missing
getaddrinfo/getnameinfo (the modern replacements for get*by*)

- you make it possible for arbitrary code to log arbitrary events by
calling sys.loghook, which seems useful if you want to allow e.g. cffi to
log similar events to the ones that ctypes logs. But are you worried that
attackers could use the ability to forge arbitrary events to cover their
trail?

- the name "spython" makes me nervous, because I feel like as soon as
discussion switches from specifics like "transparency through event
logging" to vague abstractions like "secure", then it becomes much more
difficult to have useful discussions. Like, we're inevitably going to have
people trying to use 'spython' to replace their normal python 'because it's
more secure' and stuff like that. Would it make sense to call it something
else, like 'tpython' (for 'transparent'), or 'stdemo-python' (to emphasize
that it's more intended as an example and starting point rather than a
useful product)?

-n
_______________________________________________
Security-SIG mailing list
Security-SIG@python.org
https://mail.python.org/mailman/listinfo/security-sig
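The forged-event question in the second point, seen from the hook's side, as an added example that is not part of the original message or of the proposal's code: the hook receives only an event name and arguments, so a forged event is identical to a genuine one unless the hook also records who raised it. It assumes `sys.addaudithook`/`sys.audit` (Python 3.8+) in place of the `sys.loghook` named in the message; the event name `demo.dlopen` and the module `trusted_ffi` are constructed.

```python
import sys
import types

# Constructed for this example: "demo.dlopen" and "trusted_ffi" are made-up names.
EXPECTED_ORIGIN = {"demo.dlopen": "trusted_ffi"}
records = []


def _hook(event, args):
    # Filter first: sys._getframe() below raises its own audit event.
    if event not in EXPECTED_ORIGIN:
        return
    # Frame 0 is this hook; frame 1 is the Python code that raised the event.
    origin = sys._getframe(1).f_globals.get("__name__", "?")
    records.append({
        "event": event,
        "args": args,
        "origin": origin,
        "suspect": origin != EXPECTED_ORIGIN[event],
    })


sys.addaudithook(_hook)  # hooks cannot be removed once added

# Stand-in for an FFI library that legitimately reports its own loads.
trusted_ffi = types.ModuleType("trusted_ffi")
exec(
    "import sys\n"
    "def load(path):\n"
    "    sys.audit('demo.dlopen', path)\n",
    trusted_ffi.__dict__,
)


def demo():
    """Raise one genuine and one forged event; return what the hook saw."""
    start = len(records)
    trusted_ffi.load("/usr/lib/libexample.so")           # genuine
    sys.audit("demo.dlopen", "/usr/lib/libexample.so")   # same event, other caller
    return records[start:]


if __name__ == "__main__":
    for rec in demo():
        print(rec)
```

Frame-based origin is a heuristic: code in the same process can present any module name, so the tag helps triage rather than proving provenance.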
