On 2017-08-24 19:13, Steve Dower wrote: > Hi security-sig, > > Those of you who were at the PyCon US language summit this year (or who > saw the coverage at https://lwn.net/Articles/723823/) may recall that I > talked briefly about the ways Python is used by attackers to gain and/or > retain access to systems on local networks. [...] > TODO - more hooks in ``_socket``, ``_ssl``, others?
Does it make sense to include mmap()? After all mmap can be used to execute arbitrary machine code in memory. For the SSL module, what would you like to log? Server certs and connection parameters (cipher suite)? Christian _______________________________________________ Security-SIG mailing list Security-SIG@python.org https://mail.python.org/mailman/listinfo/security-sig
