1. Home

The Python Programming Language

Python provides memory safety by default, so low-level security vulnerabilities are rare and typically needs fixing the Python interpreter or standard library itself.

Other sections with Python-specific advice include:

Dangerous Standard Library Features

Some areas of the standard library, notably the ctypes module, do not provide memory safety guarantees comparable to the rest of Python. If such functionality is used, the advice in [sect-Defensive_Coding-C-Language] should be followed.

Run-time Compilation and Code Generation

The following Python functions and statements related to code execution should be avoided:

  • compile

  • eval

  • exec

  • execfile

If you need to parse integers or floating point values, use the int and float functions instead of eval. Sandboxing untrusted Python code does not work reliably.

Sandboxing

The rexec Python module cannot safely sandbox untrusted code and should not be used. The standard CPython implementation is not suitable for sandboxing.

About

About Fedora
Sponsors
Fedora Magazine
Legal

Download

Get Fedora Workstation
Get Fedora Server
Get Fedora Atomic
Fedora Spins
Fedora Labs
Fedora ARM®
Alternative Downloads

Support

Get Help
Ask Fedora
Common Bugs
Fedora Developer Portal
Installation Guide

Join

Join Fedora
Planet Fedora
Fedora SIGs
Fedora Account System
Fedora Community

© 2017 Red Hat, Inc. and others. Please send any comments or corrections to the documentation team