From 81ab41c156c9d78414f8b758b27900dbaaaba161 Mon Sep 17 00:00:00 2001
From: Thomas Chauchefoin
Date: Wed, 6 May 2026 16:08:15 +0200
Subject: [PATCH] Expand UNSAFE_IMPORTS blocklist (GHSA-m6fh-58r7-x697)

This blocks a direct command execution gadget with `_posixsubprocess`, a way to load local PTH with `site`, and potential exit hooks with `atexit`.
---
 fickling/fickle.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fickling/fickle.py b/fickling/fickle.py
index 50173a4..1215686 100644
--- a/fickling/fickle.py
+++ b/fickling/fickle.py
@@ -74,6 +74,7 @@ def __post_init__(self) -> None:
 "pty",
 "commands", # Legacy Python 2 module
 "multiprocessing",
+"_posixsubprocess",
 # Code execution/compilation
 "code",
 "codeop",
@@ -91,6 +92,7 @@ def __post_init__(self) -> None:
 "pkgutil",
 "zipimport",
 "gc",
+"site",
 # Attribute access (getattr equivalent bypasses)
 "inspect",
 # Operator module bypasses
@@ -156,6 +158,7 @@ def __post_init__(self) -> None:
 "_signal",
 "threading",
 "_thread",
+"atexit",
 # Database/file creation
 "sqlite3",
 "_sqlite3",
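Review bot: The three new blocklist entries (`_posixsubprocess` in the first hunk, `site` in the second, `atexit` in the third) carry no inline rationale, unlike the neighbouring `"commands",  # Legacy Python 2 module`, so a maintainer reading the list later has only this commit message to explain why each is unsafe. I would annotate them in place, e.g. `"_posixsubprocess",  # C backend of subprocess (fork_exec): direct command execution`, `"site",  # addsitedir() processes .pth files, whose import lines execute code`, and `"atexit",  # register() queues a callable to run at interpreter exit`. The diffstat shows only fickling/fickle.py touched, so no regression test pins these entries; a test that runs the checker on a pickle referencing each new module name and asserts it is flagged would stop a future cleanup from silently dropping them. `__post_init__` begins and ends outside all three hunks, so I cannot see whether the list is matched exactly or by top-level package prefix, and the comments above assume the bare module name is what is compared.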