python · zooba · Jun 19, 2025 · Jun 15, 2025 · Jun 15, 2025 · Jun 15, 2025
diff --git a/Doc/library/sys.rst b/Doc/library/sys.rst
@@ -1933,6 +1933,11 @@ always available. Unless explicitly noted otherwise, all variables are read-only
    interpreter is pre-release (alpha, beta, or release candidate) then the
    local and remote interpreters must be the same exact version.
 
+   .. audit-event:: remote_exec pid script_path
+
+      When the code is executed in the remote process, an :ref:`auditing event <auditing>`
+      ``remote_exec`` is raised with the *pid* and the path to the script file.
+
    .. audit-event:: remote_debugger_script script_path
 
       When the script is executed in the remote process, an

diff --git a/Lib/test/audit-tests.py b/Lib/test/audit-tests.py
@@ -8,6 +8,7 @@
 import contextlib
 import os
 import sys
+import tempfile
 
 
 class TestHook:
@@ -643,6 +644,29 @@ def test_assert_unicode():
     else:
         raise RuntimeError("Expected sys.audit(9) to fail.")
 
+def test_sys_remote_exec():
+    import sys
+    pid = os.getpid()
+    event_pid = -1
+    event_script_path = ""
+    remote_exec_trigger = False
+    def hook(event, args):
+        if event == "remote_exec":
+            nonlocal remote_exec_trigger
+            remote_exec_trigger = True
+            nonlocal event_pid
+            event_pid = args[0]
+            nonlocal event_script_path
+            event_script_path = args[1]
+
+    sys.addaudithook(hook)
+    with tempfile.NamedTemporaryFile(mode='w+', delete=True) as tmp_file:
+        tmp_file.write("print('Hello from remote_exec!')\n")
+        tmp_file.flush()
+        sys.remote_exec(pid, tmp_file.name)
+        assert remote_exec_trigger
+        assert event_pid == pid
+        assert event_script_path == tmp_file.name
 
 if __name__ == "__main__":
     from test.support import suppress_msvcrt_asserts

diff --git a/Lib/test/test_audit.py b/Lib/test/test_audit.py
@@ -14,6 +14,15 @@
 
 AUDIT_TESTS_PY = support.findfile("audit-tests.py")
 
+def _supports_remote_attaching():
+    PROCESS_VM_READV_SUPPORTED = False
+
+    try:
+        from _remote_debugging import PROCESS_VM_READV_SUPPORTED
+    except ImportError:
+        pass
+
+    return PROCESS_VM_READV_SUPPORTED
 
 class AuditTest(unittest.TestCase):
     maxDiff = None
@@ -322,6 +331,16 @@ def test_assert_unicode(self):
         if returncode:
             self.fail(stderr)
 
+    @unittest.skipIf(not sys.is_remote_debug_enabled(), "Remote debugging is not enabled")
+    @unittest.skipIf(sys.platform != "darwin" and sys.platform != "linux" and sys.platform != "win32",
+                        "Test only runs on Linux, Windows and MacOS")
+    @unittest.skipIf(sys.platform == "linux" and not _supports_remote_attaching(),
+                        "Test only runs on Linux with process_vm_readv support")
+    @support.cpython_only
+    def test_sys_remote_exec(self):
+        returncode, stdout, stderr = self.run_python("test_sys_remote_exec")
+        if returncode:
+            self.fail(stderr)
 
 if __name__ == "__main__":
     unittest.main()
diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-06-16-02-31-42.gh-issue-135543.6b0HOF.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-06-16-02-31-42.gh-issue-135543.6b0HOF.rst
@@ -0,0 +1 @@
+Emit ``remote_exec`` audit event when :func:`sys.remote_exec` is called.
@@ -2485,6 +2485,10 @@ sys_remote_exec_impl(PyObject *module, int pid, PyObject *script)
     PyObject *path;
     const char *debugger_script_path;
 
+    if (PySys_Audit("remote_exec", "iO", pid, script) < 0) {
+        return NULL;
+    }
+
     if (PyUnicode_FSConverter(script, &path) == 0) {
         return NULL;
     }
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Emit ``remote_exec`` audit event when :func:`sys.remote_exec` is called.