Threat model for remote debugging protocol #148022

@sethmlarson

Documentation

Python 3.14 added the remote debugging protocol. Currently, many incorrect "vulnerability" reports are being submitted for this functionality, but this may be because there is no threat model documented.

To short-circuit these reports and to provide clarity to users, let's create a threat model section in the documentation for the feature. The threat model should answer these questions:

  • Do all Python platforms require enhanced privileges for remote debugging?
    • If not: should we disable remote access by default on these platforms?
  • Do we consider vulnerabilities that are only possible if the attaching process has privileges? (My answer: no)
  • Do we consider vulnerabilities if the target process is controlled by an attacker?
  • Who is the "disable remote access" environment variable for? When should users consider it?

cc @pablogsal


Labels: docs (Documentation in the Doc dir)
