For the record, I am in no-way criticising the developers or what they
did in trying to plug the security hole. The issue is that Python has no
concept of (nor do their core development team wish to address) process
security when used as an embedded language. Python is a language
designed to be "extended" not "embedded". Most features have been
designed with that lack of limitation in mind, leading to the variety of
"exploits" one can use on Blender.
Given the axiom of using standard Python for the scripting language of
Blender, there are no good solutions. If the Python developers
can't/won't address the issue - the best Blender developer is not left
with viable options - only unviable ones.