[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Python-Dev] Get a running instance of the doc for a PR.

04.11.18 17:00, Julien Palard via Python-Dev ????:
> Considering feedback from Ned, what about building this as an independent service? We don't really need to interface with python.org at all, we just need some hardware, a domain, some code to interface with github API and... to start it's probably enough? It would be a usefull POC.

This will just move risks to this service.

Ned mentioned potential abuse. We will host unchecked content. Malicious 
user can create a PR which replaces Python documentation with malicious 

The Doc/ directory includes Python scripts and Makefile which are used 
for building documentation. Malicious user can use this for executing 
arbitrary code on our server.