os.startfile(): add a C comment on security (#3877)

LoadLibrary("SHELL32") is not vulnerable to DLL hijacking.
2017-10-13 13:46:57 -07:00 · 2017-10-13 13:46:57 -07:00 · a99121526a
parent ccef823939
commit a99121526a
1 changed files with 4 additions and 0 deletions
--- a/Modules/posixmodule.c
+++ b/Modules/posixmodule.c
@ -10556,6 +10556,10 @@ check_ShellExecute()
    /* only recheck */
    if (-1 == has_ShellExecute) {
        Py_BEGIN_ALLOW_THREADS
+        /* Security note: this call is not vulnerable to "DLL hijacking".
+           SHELL32 is part of "KnownDLLs" and so Windows always load
+           the system SHELL32.DLL, even if there is another SHELL32.DLL
+           in the DLL search path. */
        hShell32 = LoadLibraryW(L"SHELL32");
        Py_END_ALLOW_THREADS
        if (hShell32) {