[Python-Dev] Extending startup code: PEP needed?

Guido van Rossum guido@python.org
2001年1月08日 13:33:26 -0500

• Previous message: [Python-Dev] Extending startup code: PEP needed?
• Next message: [Python-Dev] Extending startup code: PEP needed?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Discussions based on Python running as root and picking up untrusted
code from $PYTHONPATH are pointless. Of course this is a security
hole. If root runs *any* Python script in a way that could pick up
even a single untrusted module, there's a security hole. site.py or
*.pth files are just a special case of this, so I don't see why this
is used as an example.
--Guido van Rossum (home page: http://www.python.org/~guido/)

---

• Previous message: [Python-Dev] Extending startup code: PEP needed?
• Next message: [Python-Dev] Extending startup code: PEP needed?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]