[issue26137] [idea] use the Microsoft Antimalware Scan Interface
Steve Dower
report at bugs.python.org
Thu Jun 30 13:20:04 EDT 2016
Steve Dower added the comment:
> what's to stop the attacker from distributing their own interpreter that just doesn't use AMSI?
AppLocker https://technet.microsoft.com/en-us/library/ee619725.aspx
(In short, restrict which executables can be run on a particular system by path/certificate/etc.)
Also a combination of ACLs and the fact that they may not be able to copy files onto the system directly anyway - see my post just before yours.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26137>
_______________________________________
More information about the Python-bugs-list
mailing list