| license: mit | |
| # modelscan bypass PoC - multiprocessing | |
| `multiprocessing.Pool(1)` constructor spawns worker processes via fork() during deserialization. | |
| `subprocess` is blocked at CRITICAL but `multiprocessing` (which spawns processes) is not. | |
| Pool(100000) = instant DoS. Pool with initializer= parameter = RCE. | |
| multiprocessing.connection.Client(address) = outbound TCP connection. | |
| Passes modelscan 0.7.6 with 0 issues detected. | |