Documentation
Python 3.14 added the remote debugging protocol. Currently, many incorrect "vulnerability" reports are being submitted for this functionality, but this may be because there is no threat model documented.
To short-circuit these reports and to provide clarity to users, let's create a threat model section in the documentation for the feature. The threat model should answer these questions:
- Do all Python platforms require enhanced privileges for remote debugging?
- If not: should we disable remote access by default on these platforms?
- Do we consider vulnerabilities that are only possible if the attaching process has privileges? (My answer: no)
- Do we consider vulnerabilities if the target process is controlled by an attacker?
- Who is the "disable remote access" environment variable for? When should users consider it?
cc @pablogsal
Linked PRs