Notice: While JavaScript is not essential for this website, your interaction with the content will be limited. Please turn JavaScript on for the full experience.
...SELinux labels [13] check execute bit on imported modules On macOS, some features that may be integrated are: OpenBSM [10] syslog [11] Overall, the ability to enable these platform-specific features on production machines is highly appealing to system administrators and will make Python a more trustworthy dependency for application developers. True security transparency is not fully achievable by Python in isolation. The runtime can audit as many events as it likes, but unless the logs are re...
...SELinux and AppArmor, while enabled by default by distribution vendors, offer relatively straightforward mechanisms for turning them off. At the moment, no such convenient mechanisms exist to disable Python's default certificate checking for a whole process. PEP 476 did attempt to address this question, by covering how to revert to the old settings process wide by monkeypatching the ssl module to restore the old behaviour. Unfortunately, the sitecustomize.py based technique proposed to allow sys...
...SELinux issues with leaked file descriptors. Security Vulnerability Leaking sensitive file handles and file descriptors can lead to security vulnerabilities. An untrusted child process might read sensitive data like passwords or take control of the parent process though a leaked file descriptor. With a leaked listening socket, a child process can accept new connections to read sensitive data. Example of vulnerabilities: Hijacking Apache https by mod_php (2003) Apache: Apr should set FD_CLOEXE...
...SELinux or AppArmor. Misc modules msilib The msilib package is a Windows-only package. It supports the creation of Microsoft Installers (MSI). The package also exposes additional APIs to create cabinet files (CAB). The module is used to facilitate distutils to create MSI installers with the bdist_msi command. In the past it was used to create CPython's official Windows installer, too. Microsoft is slowly moving away from MSI in favor of Windows 10 Apps (AppX) as a new deployment model [3]. ...