by mrswag 3569 days ago
Some points are valid, but come on, if an attacker has write access to your code, you can't recover from that, ever.

> but come on, if an attacker has write access to your code

Why is this relevant for this article? The article doesn't say anything about attackers having write access to the source.

It's in their threat model under 'Module injection':

> The mitigation is to maintain secure access permissions on all directories and package files in search path to ensure unprivileged users do not have write access to them.

Ok, I see. To be honest I read that as "keep your PYTHONPATH sane". I think that's a bit different from worrying about someone having write access to the source, but still related - point taken.

CVE-2008-5983 (https://bugs.python.org/issue5753) "Untrusted search path vuln... prepends an empty string to sys.path when the argv[0] argument does not contain a path separator"

Check out the "yes"es in the "fixed" column in the comment at https://bugs.python.org/msg85966

Yes it does... One of the examples is monkey patching using bytecode. How are you going to do that without write access to the filesystem running your code?

The same is true for module imports... If you have write access to the same directory as the code itself there's all sorts of havoc one can cause beyond merely substituting your own os.py.

You do not need access to the same directory as the code itself. Think of a Python program that can use plugins written by users. For example Django.
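
The mitigation quoted in the thread (no unprivileged write access to anything on the search path) and the empty `sys.path` entry from the CVE-2008-5983 quote can both be checked mechanically. This is an added example, not code from the thread or the article; `audit_search_path` and `trusted_uids` are hypothetical names, and it assumes a POSIX system where root and the current user are the only trusted owners.

```python
import os
import stat
import sys

def audit_search_path(entries, trusted_uids=None):
    """Return (entry, problem) pairs for risky import search path entries.

    audit_search_path and trusted_uids are hypothetical names for this example.
    """
    if trusted_uids is None:
        # Assumption: only root and the current user may own search path entries.
        trusted_uids = {0, os.getuid()}
    findings = []
    for entry in entries:
        if entry == "" or not os.path.isabs(entry):
            # "" and relative entries resolve against the current working
            # directory, the kind of entry the CVE-2008-5983 quote describes.
            findings.append((entry, "relative or empty entry"))
        path = os.path.abspath(entry or os.curdir)
        try:
            st = os.stat(path)
        except OSError:
            continue  # entry does not exist; not checked further here
        if st.st_uid not in trusted_uids:
            findings.append((entry, "owned by untrusted uid %d" % st.st_uid))
        if st.st_mode & stat.S_IWOTH:
            findings.append((entry, "world-writable"))
        if st.st_mode & stat.S_IWGRP:
            findings.append((entry, "group-writable"))
    return findings

if __name__ == "__main__":
    # Audit the interpreter's own search path and report each finding.
    for entry, problem in audit_search_path(sys.path):
        print("%r: %s" % (entry, problem))
```

The check covers directories and archive files listed on the path itself; files inside those directories would need the same test applied recursively.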