[Python-Dev] PEP 476: Enabling certificate validation by default!
Chris Angelico
rosuav at gmail.com
Mon Sep 1 15:24:39 CEST 2014
On Mon, Sep 1, 2014 at 10:41 PM, Antoine Pitrou <antoine at python.org> wrote:
> Not sure why. Just put another module named "ssl" in sys.modules directly.
> You can also monkeypatch the genuine ssl module.
That has to be done inside the same process. But imagine this
scenario: You have a program that gets invoked as root (or some other
user than yourself), and you're trying to fiddle with what it sees.
You don't have root access, but you can manipulate the file system, to
the extent that your userid has access. What can you do to affect this
other program?
ChrisA
More information about the Python-Dev
mailing list