From 3006e536cd6833fb5b920d6ce6a6fc7d1abf0551 Mon Sep 17 00:00:00 2001 From: Stan Ulbrych Date: Sat, 2 May 2026 17:14:41 +0100 Subject: [PATCH 1/2] Add security warning to `mailbox` docs --- Doc/library/mailbox.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/Doc/library/mailbox.rst b/Doc/library/mailbox.rst index 5b9741bdbcad19..1d115a9edbcd9e 100644 --- a/Doc/library/mailbox.rst +++ b/Doc/library/mailbox.rst @@ -15,6 +15,11 @@ accessing and manipulating on-disk mailboxes and the messages they contain. :class:`~email.message.Message` class with format-specific state and behavior. Supported mailbox formats are Maildir, mbox, MH, Babyl, and MMDF. +.. warning:: + + The :mod:`!mailbox` module assumes full control over input parameters and the + underlying mailbox storage; it does not protect against untrusted paths or + externally modified data. .. seealso:: From 26a72b2a34a4d9c92b99b644c062d7685c612361 Mon Sep 17 00:00:00 2001 From: Stan Ulbrych Date: Wed, 10 Jun 2026 12:16:46 +0100 Subject: [PATCH 2/2] Apply RDM's suggestion with slight changes Co-authored-by: R. David Murray --- Doc/library/mailbox.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Doc/library/mailbox.rst b/Doc/library/mailbox.rst index 1d115a9edbcd9e..c534c5de725181 100644 --- a/Doc/library/mailbox.rst +++ b/Doc/library/mailbox.rst @@ -17,9 +17,9 @@ Supported mailbox formats are Maildir, mbox, MH, Babyl, and MMDF. .. warning:: - The :mod:`!mailbox` module assumes full control over input parameters and the - underlying mailbox storage; it does not protect against untrusted paths or - externally modified data. + The :mod:`!mailbox` module is designed for use in trusted environments, + where all inputs are provided by the local user and the underlying mailbox + storage is accessible only to that user. .. seealso::