1. Why Security Matters in Every Python Project

No Python project is too small to be attacked. A simple script may handle files, credentials, or user input — all potential entry points for exploitation.
The goal is not just to make code run, but to make it safe to run anywhere.

Example: File Deletion Utility Gone Wrong

# 1. Insecure: trusting user input blindly
import os
target = input("Enter file to delete: ")
os.remove(target)  # User can enter ../../important_system_file.txt

Secure Version

import os

def safe_delete(filename):
    base_dir = "/home/user/safe_dir"
    full_path = os.path.abspath(os.path.join(base_dir, filename))
    if not full_path.startswith(base_dir):
        raise PermissionError("Unsafe file path detected.")
    os.remove(full_path)

safe_delete("old_data.txt")

✅ Lesson: Validate all input and enforce strict boundaries for actions like file access or deletion.