[Python-Dev] PEP 493: Redistributor guidance for Python 2.7 HTTPS

Antoine Pitrou solipsis at pitrou.net
Mon Jul 6 15:28:42 CEST 2015


On Mon, 6 Jul 2015 23:22:09 +1000
Nick Coghlan <ncoghlan at gmail.com> wrote:

> On 6 Jul 2015 20:23, "Antoine Pitrou" <solipsis at pitrou.net> wrote:
> >
> > On Mon, 6 Jul 2015 14:22:46 +1000
> > Nick Coghlan <ncoghlan at gmail.com> wrote:
> > >
> > > The main change from the last version discussed on python-ideas
> >
> > Was it discussed there? That list has become totally useless, I've
> > stopped following it.
> >
> > > * modify the ``ssl`` module to read the ``PYTHONHTTPSVERIFY`` environment
> > >   variable when the module is first imported into a Python process
> >
> > Have you passed that by RedHat's security experts?
> 
> Yeah, they were the ones that finally persuaded me that this design was
> reasonable. If I understood their explanation correctly, the gist is that
> if you're running with elevated permissions while allowing arbitrary
> processes to set environment variables, you've already opened up so many
> attack vectors that the only reasonable defence is "don't do that", and
> hence higher level design decisions like sudo running in root's
> environment, not the individual user's. Since having the selective
> downgrade option available makes it easier to justify the default security
> *up*grade, it works out as a net win.

Thank you. Then I'm ok with the PEP.

Regards

Antoine.
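
The environment-reset principle from the quoted explanation, applied to this variable, as an added example that is not part of the original message or of PEP 493's own code. It assumes the value "0" is the downgrade switch (as in the published PEP); the allow-list and the function names are hypothetical.

```python
HTTPS_VERIFY_ENVVAR = "PYTHONHTTPSVERIFY"  # variable named in the quoted PEP text
# Assumption: a minimal allow-list, in the spirit of sudo resetting the environment.
ALLOWED = frozenset({"PATH", "LANG", "LC_ALL", "TZ", "TERM"})


def downgrade_requested(env):
    """True if the environment asks for unverified HTTPS (value "0")."""
    return env.get(HTTPS_VERIFY_ENVVAR) == "0"


def privileged_child_env(caller_env, allowed=ALLOWED):
    """Build the environment for a process that runs with elevated rights.

    Only allow-listed names are copied from the caller, so a less-privileged
    caller cannot pass PYTHONHTTPSVERIFY (or any other PYTHON* switch) through.
    Returns (child_env, dropped_names).
    """
    child = {k: v for k, v in caller_env.items() if k in allowed}
    dropped = sorted(k for k in caller_env if k not in allowed)
    return child, dropped


def audit(caller_env, elevated):
    """Return findings for a launcher that is about to start Python."""
    findings = []
    if downgrade_requested(caller_env):
        kind = "elevated" if elevated else "unprivileged"
        findings.append("%s=0 supplied by caller of %s process"
                        % (HTTPS_VERIFY_ENVVAR, kind))
    return findings


if __name__ == "__main__":
    # Constructed sample: what a caller might hand to a privileged launcher.
    sample = {"PATH": "/usr/bin:/bin", "LANG": "C.UTF-8",
              "PYTHONHTTPSVERIFY": "0", "PYTHONPATH": "/tmp/x"}
    env, dropped = privileged_child_env(sample)
    print(audit(sample, elevated=True))
    print("dropped:", dropped)
    print("downgrade survives reset:", downgrade_requested(env))
```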

