PythonLauncher considered harmfull #49512

Open
ronaldoussoren opened this issue Feb 14, 2009 · 14 comments

@ronaldoussoren
Contributor

BPO 5262
Nosy @ronaldoussoren, @nirs, @ned-deily, @ezio-melotti
Files
  • issue-5262.txt
  • Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    GitHub fields:

    assignee = 'https://github.com/ronaldoussoren'
    closed_at = None
    created_at = <Date 2009-02-14.19:08:24.437>
    labels = ['OS-mac']
    title = 'PythonLauncher considered harmfull'
    updated_at = <Date 2013-08-01.09:37:05.524>
    user = 'https://github.com/ronaldoussoren'

    bugs.python.org fields:

    activity = <Date 2013-08-01.09:37:05.524>
    actor = 'ronaldoussoren'
    assignee = 'ronaldoussoren'
    closed = False
    closed_date = None
    closer = None
    components = ['macOS']
    creation = <Date 2009-02-14.19:08:24.437>
    creator = 'ronaldoussoren'
    dependencies = []
    files = ['31108']
    hgrepos = []
    issue_num = 5262
    keywords = []
    message_count = 11.0
    messages = ['82108', '90717', '90857', '90858', '100571', '111988', '112035', '112040', '192565', '193685', '194039']
    nosy_count = 5.0
    nosy_names = ['ronaldoussoren', 'nirs', 'wordtech', 'ned.deily', 'ezio.melotti']
    pr_nums = []
    priority = 'low'
    resolution = None
    stage = None
    status = 'open'
    superseder = None
    type = None
    url = 'https://bugs.python.org/issue5262'
    versions = ['Python 3.4']

    @ronaldoussoren
    Contributor Author

    The Mac port of Python contains a binary named "PythonLauncher" which
    can be used as the association of ".py" and ".pyw" files. This program
    will launch the script (either in a Terminal window or without a
    window).

    In hindsight adding this tool was not a good idea: this makes it way too
    easy to accidentally launch python scripts downloaded from the Internet.
    Removing PythonLauncher would still allow running the scripts through
    IDLE (which also has an association to ".py" and ".pyw" files in its
    Info.plist).

    In my experience most ".py" files are modules instead of standalone
    scripts, opening the file in an editor would therefore be a better
    action in the majority of use-cases.

    @wordtech
    Mannequin

    wordtech mannequin commented Jul 20, 2009

    I disagree that this is a bad idea--it's helpful to be able to double-
    click a GUI script and launch it automatically. I realize one can just
    fire up Terminal and go "python myscript.py," but I missed this
    functionality when it was broken and would be unhappy to see it removed.

    @nirs
    Mannequin

    nirs mannequin commented Jul 23, 2009

    I also think it should be removed. Opening a file should run it only if it
    is executable.

    @ronaldoussoren
    Contributor Author

    At the very least PythonLauncher should not be the default for opening
    python files, and should actively warn against being the default
    (basically reversing the current default).

    When PythonLauncher is the default application for .py files, double-
    clicking a .py file, or opening it from Mail.app, will run the script.
    This is not what I'd expect when opening a source file and is risky when
    this happens accidentally.

    There are several ways for running python scripts by double-clicking on
    them. Two examples:

    • Use py2app to create an .app bundle

    • Give the script a ".command" suffix and a '#!/usr/bin/python' prefix.

    Both result in "files" where it is clear that opening them will result
    in code execution.

    @ronaldoussoren
    Contributor Author

    I propose to at least change the code in pythonlauncher to warn if it is the default association for python files, that is to reverse the test that it currently does.

    That way users can still set pythonlauncher as the launcher for specific files, but would get a warning when they make pythonlauncher the default action for python files.

    BTW. I still think that pythonlauncher is unsafe and should be removed.

    @ronaldoussoren
    Contributor Author

    Kevin: what's your opinion on changing PythonLauncher to check if it is the default action for opening python files and warning about that?

    What about refusing to run when Python Launcher is the default action for python files?

    Users would still be able to run python files from the Finder by using the "Open with" menu, or by selecting Python Launcher through the Get Info dialog.

    This would seriously reduce the risks w.r.t. accidentally running python scripts.

    (Removing 2.7 because it is too late to change 2.7 behavior)

    @wordtech
    Mannequin

    wordtech mannequin commented Jul 30, 2010

    Ronald,

    I'd vote for warning if it's the default action.

    Would your other proposed change require users to set PythonLauncher as the opening app for each Python file, or would there be a way to manually set it as the default from Finder or elsewhere?

    Kevin

    @ronaldoussoren
    Contributor Author

    > Would your other proposed change require users to set PythonLauncher as the opening app for each Python file, or would there be a way to manually set it as the default from Finder or elsewhere?

    It would no longer be possible to set PythonLauncher as the default action for Python files, because doing that is a clear security risk.

    Ronald

    @ronaldoussoren
    Contributor Author

    I'm thinking about closing this issue, but need to do some more research before doing so. In particular, I need to check the behavior of double clicking on python files on Windows and the main Linux desktops. IIRC double clicking a .py file on Windows will execute that file; it might be useful to stay consistent with that and not disallow making Python Launcher the default action.

    @ezio-melotti
    Member

    FWIW more than once I tried to open a .py file on Windows just to see a black box flashing by and promptly disappear. I agree that opening the file in an editor (e.g. IDLE) is a better option, but I realize some users might prefer to launch a script when they double-click on it (I always launch them by doing "python file.py").

    @ronaldoussoren
    Contributor Author

    The attached patch removes the code that checks if "Python Launcher" is the default application for opening python files.

    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    @terryjreedy
    Member

    Does python on Mac still act the same way? When I tried to run a file from Finder today, all the open options I found either did nothing I could see or opened .py files in IDLE.

    @ned-deily
    Member

    > When I tried to run a file from Finder today, all the open options I found either did nothing I could see or opened .py files in IDLE.

    If you double-click on a .py file in the Finder, the current user default application for that file type (.py) is used to open it. Depending on how things were installed, that default app could be one of the IDLE apps (i.e. IDLE for 3.10, IDLE for 3.11, etc), one of the Python Launcher apps (again, one for each version that had been installed), or possibly some other app. Using the instructions here, you can either change the app associated with a specific .py file or change the default app for all of your .py files. Another, and safer, approach is to drag the icon for the .py file directly onto the icon for the app you want to open it, either by finding the app in a Finder window or the app icon on the Dock (if it is currently open or perhaps was opened). Dragging a .py file to a Python Launcher app icon should cause a Terminal.app window to open and execute the file in the REPL of the Python interpreter path shown in the Python Launcher Preferences window. If necessary, you can type in the window and change the path to a specific interpreter version, i.e. /usr/local/bin/python3.11. One of the launcher's warts is that, like IDLE, it uses a user-wide configuration so that any change in its Preferences affects all versions of the Launcher.

    @ronaldoussoren
    Contributor Author

    I still think that a much more important wart of Python Launcher is that it may result in accidentally running Python scripts downloaded from somewhere. The additional protections in recentish macOS versions somewhat mitigate the risk (by not giving access to the Downloads folder to applications unless the user explicitly gives permission).

    Adding a check for executable permissions would help a bit more, and matches the system behaviour for shell scripts in ".command" files.

    On the other hand, I appreciate that the launcher can be convenient for users.
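
The executable-permission check suggested in the last comment, sketched as an added example; this is not code from the thread or from Python Launcher. The function name `launch_decision`, the "run"/"edit" outcomes, and the extra requirement of a `#!` interpreter line (borrowed from the ".command" convention mentioned earlier in the thread) are assumptions made for illustration.

```python
import os
import stat
import tempfile


def launch_decision(path):
    """Return ("run" | "edit", reason) for a file the user opened (hypothetical policy)."""
    try:
        st = os.lstat(path)  # lstat: a symlink is judged as a link, not as its target
    except OSError as exc:
        return ("edit", f"cannot stat: {exc.strerror}")
    if not stat.S_ISREG(st.st_mode):
        return ("edit", "not a regular file")
    # Coarse check on the mode bits; a plain download normally has none of them set.
    if not st.st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
        return ("edit", "no executable permission bit set")
    with open(path, "rb") as fh:
        if fh.read(2) != b"#!":  # assumption: also require an interpreter line
            return ("edit", "no interpreter line")
    return ("run", "executable script with interpreter line")


def demo():
    """Apply the policy to constructed sample files and return the decisions."""
    samples = {
        "module.py": (b"import os\n", 0o644),                 # typical download/module
        "tool.py": (b"#!/usr/bin/env python3\nprint('hi')\n", 0o755),
        "noshebang.py": (b"print('hi')\n", 0o755),            # executable, no '#!'
    }
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, (body, mode) in samples.items():
            p = os.path.join(d, name)
            with open(p, "wb") as fh:
                fh.write(body)
            os.chmod(p, mode)
            results[name] = launch_decision(p)[0]
        results["directory"] = launch_decision(d)[0]
        results["missing"] = launch_decision(os.path.join(d, "nope.py"))[0]
    return results


if __name__ == "__main__":
    for name, action in demo().items():
        print(f"{name}: {action}")
```
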
