Python Security Quirks

Ilya Etingof, over at the Red Hat Security Blog, has written a rundown of some security-related quirks:

“Being easy to pick up and progress quickly towards developing larger and more complicated applications, Python is becoming increasingly ubiquitous in computing environments. Though apparent language clarity and friendliness could lull the vigilance of software engineers and system administrators – luring them into coding mistakes that may have serious security implications. In this article, which primarily targets people who are new to Python, a handful of security-related quirks are looked at; experienced developers may well be aware of the peculiarities that follow.”

He goes on to cover input functions, assert statements, monkey patching, and module injection among others. Good to have these in the back of your mind for all your projects.