[Python-Dev] PEP 553 V2 - builtin breakpoint() (was Re: PEP 553: Built-in debug())

Nick Coghlan ncoghlan at gmail.com
Fri Sep 8 10:53:40 EDT 2017

On 7 September 2017 at 20:02, Adrian Petrescu <apetresc at gmail.com> wrote:
> Would that not be a security concern, if you can get Python to execute
> arbitrary code just by setting an environment variable?

Not really, as once someone has write access to your process
environment, you've already lost (they can mess with PYTHONIOENCODING,
PYTHONPATH, LD_PRELOAD, OpenSSL certificate verification settings, and


Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia

More information about the Python-Dev mailing list