The lack of security against malicious code could be fixed by creating a module blacklist. It can be just a basic RegEx search for problematic modules.
Something like this, but better:
```python
r"(?<![a-zA-Z0-9_])(os|subprocess)(?![a-zA-Z0-9_])"
```
The above is just a crude example; it detects a lot of false positives, such as `import oscar`.
I can't think of a better way than to simply parse and block messages. Messing with the modules themselves could break a lot of code.
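An added example, not part of the original issue or the project's code: the same parse-and-block idea done on Python's syntax tree instead of raw text, so only real import statements are matched and names such as `oscar` or string literals containing `os` are ignored. The blocklist contents, the function names and the sample message are assumptions made for illustration.

```python
import ast

# Assumed blocklist: the two modules named in the issue's regex.
BLOCKED_MODULES = frozenset({"os", "subprocess"})
# Calls that import by name at run time; flagged because a static
# check cannot tell which module they will load.
DYNAMIC_IMPORT_CALLS = frozenset({"__import__", "import_module"})

# Constructed sample message (not taken from the issue).
SAMPLE = "import oscar\nimport os.path as p\nfrom subprocess import run\nx = 'os'\n"


def find_blocked_imports(source, blocked=BLOCKED_MODULES):
    """Return sorted (line, reason) pairs for imports that should be rejected.

    Raises SyntaxError when `source` is not valid Python.
    """
    findings = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            # Relative imports (level > 0) never name a top-level module.
            names = [node.module] if node.module and node.level == 0 else []
        elif isinstance(node, ast.Call):
            func = node.func
            called = func.id if isinstance(func, ast.Name) else getattr(func, "attr", None)
            if called in DYNAMIC_IMPORT_CALLS:
                findings.add((node.lineno, f"dynamic import via {called}()"))
            continue
        else:
            continue
        for name in names:
            top = name.split(".")[0]  # "os.path" -> "os"
            if top in blocked:
                findings.add((node.lineno, f"import of {top}"))
    return sorted(findings)


def is_allowed(source):
    """True only if the code parses and has no blocked or dynamic import."""
    try:
        return not find_blocked_imports(source)
    except SyntaxError:
        return False  # unparseable input is rejected, not waved through
```

This inspects import statements and two dynamic-import calls by name only, so it works as a pre-filter in front of an isolated execution environment rather than as a replacement for one.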