Security Considerations¶

~~The following modules have specific security considerations:~~以下模块具有特定的安全注意事项：

base64: base64 security considerations in RFC 4648RFC 4648中的base64安全注意事项
cgi: ~~CGI security considerations~~CGI安全注意事项
hashlib: ~~all constructors take a “usedforsecurity” keyword-only argument disabling known insecure and blocked algorithms~~所有构造函数都只使用“usedforsecurity”关键字参数，禁用已知的不安全和被阻止的算法
http.server ~~is not suitable for production use, only implementing basic security checks~~不适用于生产使用，仅执行基本安全检查
logging: ~~Logging configuration uses eval()~~日志记录配置使用eval()
multiprocessing: Connection.recv() ~~uses~~ 使用pickle
pickle: ~~Restricting globals in pickle~~在pickle中限制全局
random ~~shouldn’t be used for security purposes, use secrets instead~~不应用于安全目的，而应使用secrets
shelve: ~~shelve is based on pickle and thus unsuitable for dealing with untrusted sources~~shelve基于pickle，因此不适合处理不可信的源
ssl: ~~SSL/TLS security considerations~~SSL/TLS安全注意事项
subprocess: ~~Subprocess security considerations~~子进程安全注意事项
tempfile: ~~mktemp is deprecated due to vulnerability to race conditions~~mktemp因易受竞争条件影响而被弃用
xml: ~~XML vulnerabilities~~XML漏洞
zipfile: ~~maliciously prepared .zip files can cause disk volume exhaustion~~恶意准备的zip文件会导致磁盘卷耗尽