From jschaffler at proton.me  Mon May 22 18:23:39 2023
From: jschaffler at proton.me (James Schaffler)
Date: Mon, 22 May 2023 22:23:39 +0000
Subject: [Idle-dev] Why does IDLE use a subprocess?
Message-ID: <2m-4UrFZwtHHD2xPWD7CAeB5szq7JSX4c6ezZ9r2C-1QAow9PNfQTnfrZYJoME9MhyIsLeFyQWOxXz6XAFE7EUsXKXL5qWBluhpw0HGG1oY=@proton.me>

Hi,

I was curious about the internals of IDLE, and noticed that IDLE uses executes user code in a "subprocess" that's separate from the Python interpreter that is running IDLE itself (which does tasks such as making the window and coloring the text).

As far as I understand, IDLE runs a modified version of code.InteractiveInterpreter by sending user code through a socket. Even the IDLE documentation says that without a subprocess, "user code is not isolated from IDLE itself." However, some minimal testing of InteractiveInterpreter leads me to believe that the Interpreter object has its own view of local/global variables and therefore shouldn't be able to affect the calling interpreter (please correct me if I'm wrong).

So my question is a combination of "Why does IDLE use a subprocess?" and "Why is InteractiveInterpreter not secure enough?" What possible security vulnerabilities exist if one uses IDLE without the subprocess? If anyone knows (or could point me to information on) why IDLE is designed this way, I'd really appreciate it. Thank you!

Jim