summaryrefslogtreecommitdiffstats
path: root/Doc/library/security_warnings.rst
blob: f985dc4acd11c18f3da9af8391b671cf2762d767 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
.. _security-warnings:

.. index:: single: security considerations

Security Considerations
=======================

The following modules have specific security considerations:

* :mod:`base64`: :ref:`base64 security considerations <base64-security>` in
  :rfc:`4648`
* :mod:`cgi`: :ref:`CGI security considerations <cgi-security>`
* :mod:`hashlib`: :ref:`all constructors take a "usedforsecurity" keyword-only
  argument disabling known insecure and blocked algorithms
  <hashlib-usedforsecurity>`
* :mod:`http.server` is not suitable for production use, only implementing
  basic security checks
* :mod:`logging`: :ref:`Logging configuration uses eval()
  <logging-eval-security>`
* :mod:`multiprocessing`: :ref:`Connection.recv() uses pickle
  <multiprocessing-recv-pickle-security>`
* :mod:`pickle`: :ref:`Restricting globals in pickle <pickle-restrict>`
* :mod:`random` shouldn't be used for security purposes, use :mod:`secrets`
  instead
* :mod:`shelve`: :ref:`shelve is based on pickle and thus unsuitable for
  dealing with untrusted sources <shelve-security>`
* :mod:`ssl`: :ref:`SSL/TLS security considerations <ssl-security>`
* :mod:`subprocess`: :ref:`Subprocess security considerations
  <subprocess-security>`
* :mod:`tempfile`: :ref:`mktemp is deprecated due to vulnerability to race
  conditions <tempfile-mktemp-deprecated>`
* :mod:`xml`: :ref:`XML vulnerabilities <xml-vulnerabilities>`
* :mod:`zipfile`: :ref:`maliciously prepared .zip files can cause disk volume
  exhaustion <zipfile-resources-limitations>`

The :option:`-I` command line option can be used to run Python in isolated
mode. When it cannot be used, the :option:`-P` option or the
:envvar:`PYTHONSAFEPATH` environment variable can be used to not prepend a
potentially unsafe path to :data:`sys.path` such as the current directory, the
script's directory or an empty string.