diff -r b256d054f229 Lib/tkinter/__init__.py
--- a/Lib/tkinter/__init__.py	Wed Nov 07 09:02:24 2012 +0100
+++ b/Lib/tkinter/__init__.py	Fri Nov 09 14:55:54 2012 -0600
@@ -1698,7 +1698,9 @@
         self.tk = _tkinter.create(screenName, baseName, className, interactive, wantobjects, useTk, sync, use)
         if useTk:
             self._loadtk()
-        self.readprofile(baseName, className)
+        if not sys.flags.ignore_environment:
+            # Issue16248: Honor the -E flag to avoid code injection
+            self.readprofile(baseName, className)
     def loadtk(self):
         if not self._tkloaded:
             self.tk.loadtk()