[Python-Dev] PEP 476: Enabling certificate validation by default! (original) (raw)

Chris Angelico rosuav at gmail.com
Mon Sep 1 15:24:39 CEST 2014

• Previous message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Next message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Sep 1, 2014 at 10:41 PM, Antoine Pitrou <antoine at python.org> wrote:

Not sure why. Just put another module named "ssl" in sys.modules directly. You can also monkeypatch the genuine ssl module.

That has to be done inside the same process. But imagine this scenario: You have a program that gets invoked as root (or some other user than yourself), and you're trying to fiddle with what it sees. You don't have root access, but you can manipulate the file system, to the extent that your userid has access. What can you do to affect this other program?

ChrisA

• Previous message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Next message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list