Hi Team , In Python installation **is there any need of the below files or it can be deleted ?**This has been raised as a security issue in one of our product packages where python is being used. /usr/local/lib/python3.9/test/badkey.pem, /usr/local/lib/python3.9/test/idnsans.pem, /usr/local/lib/python3.9/test/keycert.passwd.pem, /usr/local/lib/python3.9/test/keycert.pem, /usr/local/lib/python3.9/test/keycert2.pem, /usr/local/lib/python3.9/test/keycert3.pem, /usr/local/lib/python3.9/test/keycert4.pem, /usr/local/lib/python3.9/test/keycertecc.pem, /usr/local/lib/python3.9/test/pycakey.pem, /usr/local/lib/python3.9/test/ssl_key.passwd.pem, /usr/local/lib/python3.9/test/ssl_key.pem
It seems that a package leaked its test suite to distribution stage,
and the packaging system mistaken it as package test. You will need
to track down which package it is and patch it from including test/.
That’s from Python’s (specifically CPython’s) testsuite. It’s
installed by a simple make install in the source tree, for
example. It’s not necessary to operation of the interpreter or
stdlib, however, and can be removed if desired.
I assume the security concern, which was not actually stated above, is due to the suspicion of leaked keys. However, AFAIK those are all dummy keys used by the Python test suite to test the ssl/crypto related functionality of Python, and thus do not present a security concern and can be ignored.