Rule check on SimpleXMLRPCServer.register_instance with allow_dotted_names parameter

Question

Rule check on SimpleXMLRPCServer.register_instance with allow_dotted_names parameter

Opened this issue 7 months ago · 0 comments

Is your feature request related to a problem? Please describe.
As stated in the Python docs:

"Enabling the allow_dotted_names option allows intruders to access your module’s global variables and may allow intruders to execute arbitrary code on your machine. Only use this option on a secure, closed network. "

Describe the solution you'd like
New rule to check for this call and parameter.

Describe alternatives you've considered
n/a

Additional context
https://docs.python.org/3/library/xmlrpc.server.html#xmlrpc.server.SimpleXMLRPCServer.register_instance

Love this idea? Give it a 👍. We prioritize fulfilling features with the most 👍.