Security Considerations

This page lists some topics relevant in context of the upcoming CRA regulation in the EU.

Deployment

Getting your projects installed on other computers or people is a task most Python developers would face at some point. When trying a local copy of the Python files, you need to be certain that the source code hasn’t been tampered with or maliciously modified. For that reason, we recommend that, for the distribution of PySide projects, you always deploy them. Please check our section on Deployment, where you can find how to do this using pyside6-deploy: the deployment tool for Qt for Python or other tools.

The Python Interpreter

The CRA does not include the Python interpreter, since that would be very problematic, but there is an exception for non-commercial Open Source software. Because of that, the security scope of Qt for Python as an offering does not include the interpreter the applications are using.

Security-relevant Topics in Qt for Python

• Shiboken.VoidPtr

• PySide6.QtUiTools.loadUiType()

• Qt Widgets Designer Custom Widgets

Security in Qt

• Security in Qt

• Qt-Shared-Security-Model

• Untrusted data