Python logo

이전 항목

xdrlib — Encode and decode XDR data

다음 항목

파이썬 인터프리터 확장 및 내장

이 페이지

  • 버그 보고하기
  • 소스 보기

탐색

  • 색인
  • 모듈 |
  • 다음 |
  • 이전 |
  • Python logo
  • Python »
  • 3.10.18 Documentation »
  • 파이썬 표준 라이브러리 »
  • Security Considerations
  • |
  • |

Security Considerations¶

The following modules have specific security considerations:

  • base64: base64 security considerations in RFC 4648

  • cgi: CGI security considerations

  • hashlib: all constructors take a “usedforsecurity” keyword-only argument disabling known insecure and blocked algorithms

  • http.server is not suitable for production use, only implementing basic security checks. See the security considerations.

  • logging: Logging configuration uses eval()

  • multiprocessing: Connection.recv() uses pickle

  • pickle: Restricting globals in pickle

  • random shouldn’t be used for security purposes, use secrets instead

  • shelve: shelve is based on pickle and thus unsuitable for dealing with untrusted sources

  • ssl: SSL/TLS security considerations

  • subprocess: Subprocess security considerations

  • tempfile: mktemp is deprecated due to vulnerability to race conditions

  • xml: XML vulnerabilities

  • zipfile: maliciously prepared .zip files can cause disk volume exhaustion

이전 항목

xdrlib — Encode and decode XDR data

다음 항목

파이썬 인터프리터 확장 및 내장

이 페이지

  • 버그 보고하기
  • 소스 보기

탐색

  • 색인
  • 모듈 |
  • 다음 |
  • 이전 |
  • Python logo
  • Python »
  • 3.10.18 Documentation »
  • 파이썬 표준 라이브러리 »
  • Security Considerations
  • |
  • |
© 저작권 2001-2025, Python Software Foundation.
This page is licensed under the Python Software Foundation License Version 2.
Examples, recipes, and other code in the documentation are additionally licensed under the Zero Clause BSD License.
See History and License for more information.

The Python Software Foundation is a non-profit corporation. Please donate.

최종 업데이트: 7월 08, 2025 Found a bug?
Created using Sphinx 3.4.3.