[Python-Dev] PEP 476: Enabling certificate validation by default!

Antoine Pitrou antoine at python.org
Mon Sep 1 14:41:56 CEST 2014

Le 01/09/2014 10:09, Nick Coghlan a écrit :
> On 1 September 2014 17:13, Christian Heimes <christian at python.org> wrote:
>> On 01.09.2014 08:44, Nick Coghlan wrote:
>>> Yes, it would have exactly the same security failure modes as
>>> sitecustomize, except it would only fire if the application
>>> imported the ssl module.
>>> The "-S" and "-I" switches would need to disable the implied
>>> "sslcustomize", just as they disable "import site".
>> A malicious package can already play havoc with your installation with
>> a custom ssl module. If somebody is able to sneak in a ssl.py then you
>> are screwed anyway. sslcustomize is not going to make the situation worse.
> That's not quite true - we're fairly careful about putting the
> standard library before userspace directories, so aside from the
> "current directory" problem, shadowing "ssl" itself can be tricky to
> arrange.

Not sure why. Just put another module named "ssl" in sys.modules directly.
You can also monkeypatch the genuine ssl module.



More information about the Python-Dev mailing list