Setting aside the question of whether it can easily be determined whether a given string is a literal or not (I don't know, but would be interested in knowing the answer)...
As per PEP 586:
Literal types indicate that a variable has a specific and concrete value. For example, if we define some variable foo to have type Literal[3], we are declaring that foo must be exactly equal to 3 and no other value.
In practice, a typechecker will consider a string to be a literal string if it is in quotes. Performing an operation like appending a string will make the typechecker no longer treat it as a literal string. Here is an example [1]. So, a malicious string dynamically assembled (by appending, etc.) will not be treated as a literal string and will be flagged by the typechecker when passed to something that expects `Literal[str]`. I hope that makes sense.
Strings are immutable, so an attacker can't "change" the string as you suggest. A variable can point to a new string, and that string could also be a string literal, and could be malformed/malicious.
You're right, my wording was confusing. I meant that an attacker could pass in an arbitrary string, not that he could mutate it.
If I want to dynamically assemble a malicious string literal, all I would have to do is generate code that can be evaluated (https://docs.python.org/3/library/functions.html) to produce a string literal.
Note that `eval` is typed as returning `Any`, which means we lose all safety, so that's a whole different problem :) The security use cases I was talking about were innocuous inputs that happened to be user-controlled, such as a field in a request JSON that got passed or appended to the format string or shell command function.

[1]: https://mypy-play.net/?mypy=latest&python=3.8&gist=4aadb9d2778ec6fe7566382e0a68fbd3
https://mypy-play.net/?mypy=latest&python=3.8&gist=db831b584ec7b1fff5fd0c35d4a18b98

-- S Pradeep Kumar
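The mechanism described in the thread (a quoted string is literal to the type checker, a string assembled from user data is not) and the use case named at the end (a request field that ends up inside a query or command string) can be shown with a small script. This is an added example and not code from any message above; it assumes the `LiteralString` type of PEP 675 (available in `typing` on Python 3.11+, otherwise `typing_extensions`) and uses an in-memory sqlite table with constructed sample rows. The function names (`run_query`, `find_role_safe`, `find_role_unsafe`) are chosen for the example.

```python
from __future__ import annotations

import sqlite3
from typing import Any

try:
    from typing import LiteralString  # Python 3.11+
except ImportError:  # older interpreters ship the same name in typing_extensions
    try:
        from typing_extensions import LiteralString
    except ImportError:
        # Annotations are not enforced at runtime, so the script still runs;
        # only the static check described in the thread is lost.
        LiteralString = str  # type: ignore[misc,assignment]


def make_db() -> sqlite3.Connection:
    """Constructed sample data: an in-memory table with two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user")],
    )
    return conn


def run_query(
    conn: sqlite3.Connection, sql: LiteralString, params: tuple[Any, ...] = ()
) -> list[tuple]:
    """The SQL text must be something the type checker can prove was written in
    the source: a quoted literal, or literals joined with other literals.
    User-controlled values travel separately in `params` and are bound by the
    driver, never spliced into the statement."""
    return conn.execute(sql, params).fetchall()


def find_role_safe(conn: sqlite3.Connection, name: str) -> list[tuple]:
    # Accepted by the type checker: the statement is a literal, `name` is a parameter.
    return run_query(conn, "SELECT role FROM users WHERE name = ?", (name,))


def find_role_unsafe(conn: sqlite3.Connection, name: str) -> list[tuple]:
    # Rejected by mypy/pyright: an f-string that interpolates a plain `str`
    # (here a value that could come from a request JSON field) is no longer a
    # LiteralString, so the argument type is reported as incompatible.
    # Python itself does not stop this call; only the static check does.
    return run_query(conn, f"SELECT role FROM users WHERE name = '{name}'")


if __name__ == "__main__":
    db = make_db()
    print(find_role_safe(db, "alice"))          # [('admin',)]
    print(find_role_safe(db, "alice' OR 1=1 --"))  # [] : bound as data, matches no row
```

Running `mypy` on the file reports the call inside `find_role_unsafe` and accepts `find_role_safe`, which is exactly the appending/formatting case from the thread; at runtime the parameterized version treats an input containing quote characters as an ordinary name and returns no rows.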