PEP 551 – Security transparency
PEP 551 is from August, 2017, and is in Draft status; it is also expected to be implemented in version 3.7. It is designed to improve visibility into Python's behavior through security tools. Specifically, it attempts to prevent malicious uses of Python, to detect and report malicious use, and to detect attempts to bypass detection. The caveat is that this PEP would require user intervention, in the sense that they would be responsible for customizing and building Python for their particular environment.
Getting ready
Some discussion of software security is required before delving into the specifics of this PEP. This ensures that a common level of knowledge is available to readers.
General security
In software, many vulnerabilities are due to bugs that allow remote code execution or privilege escalation. One of the worst vulnerabilities is the advanced persistent threat (APT). An APT occurs when an attacker gains access to a network, installs software on one or...