On 2017-08-26 15:45, Brett Cannon wrote: > Is there going to be a visible flag or anything to know you're running a > restricted version of Python? If so then a subclass will allow us to > override get_code() so that it just skips .pyc files and it can be used > automatically when the flag is set. That way users of spython don't have > to think about setting that up. Otherwise we could provide a function in > importlib._bootstrap that you call during initialization to turn this on.
We should add a new attribute to sys.flags, e.g. sys.flags.restricted. In fact there should be two new flags. We need a way to prevent interactive Python shells like cmd module and pdb interactive mode. After all we want to prevent hackers from getting access to an interactive Python prompt. The cmd module implements such an interactive command interpreter. Christian _______________________________________________ Security-SIG mailing list Security-SIG@python.org https://mail.python.org/mailman/listinfo/security-sig
