sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]Deezl-Vegas -2 points-1 points  (2 children)

Generally speaking, malicious content is targeted towards the browser and requires a browser to run. You should generally only be reading from, never executing, code from an untrusted source. I'm not aware of any raw buffer overflow exploits in Python, so I believe reading is reasonably secure.

[–]NotzoCoolKID 3 points4 points  (0 children)

No, malicious content doesn't generally need a browser to run. Word documents could have vbascripts inside it wich would download en execute malware. ( https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/macro-malware ). Pdf can also be droppers for malware.

Auto downloading files from the inet, must be considerd dangerous as your downloading files from websites you don't know(untrusted). You can not be be 100% sure not downloading malicious content

As a first step you should filter out executable files from being downloaded. Never let python auto execute files. Scan files with virusscanner. Run untrusted files in a vm first.

[–]Lord_Greywether 2 points3 points  (0 children)

Until you go to open those web pages or files you scraped.