PEP 810: Clarify security implications (#4660)

Author: notatallshaw

peps/pep-0810.rst

@@ -924,11 +924,15 @@ display lazy proxies before first use and the real objects thereafter.
 Security Implications
 =====================
 
-There are no known security vulnerabilities introduced by lazy imports.
-Security-sensitive tools that need to ensure all imports are evaluated eagerly
-can use :func:`!sys.set_lazy_imports` with ``"none"`` to force
-eager evaluation, or use :func:`!sys.set_lazy_imports_filter` for fine-grained
-control.
+Tools that install packages while performing imports from that the same
+environment should ensure all modules are imported eagerly, or reified, before
+the installation step, to avoid newly installed distributions from shadowing
+them.
+
+Such tools can use :func:`!sys.set_lazy_imports` with ``"none"`` to
+force eager evaluation, or provide a :func:`!sys.set_lazy_imports_filter` function for
+fine-grained control.
+
 
 How to Teach This
 =================