:experimental:

[[chap-Defensive_Coding-Python]]
= The Python Programming Language

Python provides memory safety by default, so low-level security
vulnerabilities are rare and typically needs fixing the Python
interpreter or standard library itself.

Other sections with Python-specific advice include:

* <<chap-Defensive_Coding-Tasks-Temporary_Files>>

* <<sect-Defensive_Coding-Tasks-Processes-Creation>>

* <<chap-Defensive_Coding-Tasks-Serialization>>, in
particular <<sect-Defensive_Coding-Tasks-Serialization-Library>>

* <<sect-Defensive_Coding-Tasks-Cryptography-Randomness>>

== Dangerous Standard Library Features

Some areas of the standard library, notably the
`ctypes` module, do not provide memory safety
guarantees comparable to the rest of Python. If such
functionality is used, the advice in <<sect-Defensive_Coding-C-Language>> should be followed.

== Run-time Compilation and Code Generation

The following Python functions and statements related to code
execution should be avoided:

* `compile`

* `eval`

* `exec`

* `execfile`

If you need to parse integers or floating point values, use the
`int` and `float`
functions instead of `eval`. Sandboxing
untrusted Python code does not work reliably.

== Sandboxing

The `rexec` Python module cannot safely sandbox
untrusted code and should not be used. The standard CPython
implementation is not suitable for sandboxing.