topic Re: ArcMap Python Security Concerns in ArcMap Questions

ArcMap Python Security Concerns

AliceWilson — Thu, 09 Sep 2021 20:37:00 GMT

We have several who still use ArcMap Desktop - we have all upgraded to 10.8.1. Our IT Dept. recently reached out to us as they discovered the security issues with the python version that comes in the arcmap build/install of 2.7.18 this is what shows up. How are you to continue to use ArcMap with a security risk that there doesn't seems to be a fix for.

105878

EOL/Obsolete Software: Python 2.7.x Detected

The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates; obsolete software is more vulnerable to viruses and other attacks.

Re: ArcMap Python Security Concerns

JoeBorgione — Thu, 09 Sep 2021 21:07:03 GMT

How are you to continue to use ArcMap with a security risk that there doesn't seems to be a fix for.

That's a great question! The short answer is something along the lines of; you don't. The security risk is always going to be a problem, and if you think about, it's been there for years.

Python 2.x is old school as opposed to the later 3.x releases and has limited shelf life at best. My agency abandoned ArcMap/ArcCatalog a couple years ago. I don't miss it at all.

Re: ArcMap Python Security Concerns

curtvprice — Thu, 09 Sep 2021 21:59:21 GMT

> I don't miss it at all.

I think we are wired differently. I still miss workstation. RESELECT with KEYFILE, PROGRAM SECTION EVEN.

AML Forever. 😉

Re: ArcMap Python Security Concerns

JoeBorgione — Thu, 09 Sep 2021 22:09:39 GMT

I used weave Perl into AMLs. Pretty cool, back then.

But ArcGIS Pro and Python 3.x is my story now, and I'm stickin' to it!

Re: ArcMap Python Security Concerns

DanPatterson — Thu, 09 Sep 2021 22:20:37 GMT

python 2.7 continues to be patched with security updates... if they are feasible.

That warning is just that. The software is End of Life (but that hasn't stopped some of us from still being in this Community 😉 )

Having said that, dump arcmap, there is no reason to keep it going since people have had since 2015 to adapt to the newer technology.

python 2.7 is 10+ years old. Python is at version 3.10, although Pro toddles along at 3.7.

AML... and Avenue, now that was worth keeping

Re: ArcMap Python Security Concerns

JoeBorgione — Thu, 09 Sep 2021 22:25:51 GMT

Re: ArcMap Python Security Concerns

curtvprice — Thu, 09 Sep 2021 22:44:12 GMT

I have a button I wear at the UC sometime: "My AML from 1996 still works."

Re: ArcMap Python Security Concerns

JoeBorgione — Thu, 09 Sep 2021 22:50:47 GMT

@DanPatterson -

python 2.7 continues to be patched with security updates...

Even if 2.7 got patched, would that not require a new install of the patched version? And how does anyone know when it's been patched? And what has been patched patched?

Having said that, dump arcmap, there is no reason to keep it going since people have had since 2015 to adapt to the newer technology.

Couldn't agree more!

Re: ArcMap Python Security Concerns

DanPatterson — Fri, 10 Sep 2021 00:25:44 GMT

manual install... patching date would be noted on the floppy disk

Re: ArcMap Python Security Concerns

JoeBorgione — Fri, 10 Sep 2021 00:30:00 GMT

You’re killing me, Patterson!

The OP is wondering ‘Who are these guys and why can’t I get straight answer out of them?’