[Security-sig] PEP 551: Security transparency in the Python runtime

[James Powell]

>> Like, we're inevitably going to
>> have people trying to use 'spython' to replace their normal python
>> 'because it's more secure' and stuff like that. Would it make sense to
>> call it something else, like 'tpython' (for 'transparent'), or
>> 'stdemo-python' (to emphasize that it's more intended as an example and
>> starting point rather than a useful product)?

This is an important point. It's going to be critical that we appropriately convey what "security transparency" means. I believe we can do this. 

Many of the convenience features (e.g., Windows-specific integrations like ETW) attached to this project should be made generally available. We should encourage users to deploy spython only where security transparency truly makes sense, and discourage its deployment where users just want access to some integration feature.

(Note that it may not even make sense to deploy spython for work that requires ctypes or cffi or numpy or pywin32 or any other library that could allow raw memory access.)

:j