This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author robertwb
Recipients Alan.Williams, christian.heimes, jdemeyer, robertwb, schmir
Date 2012-10-11.23:06:32
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1349996792.76.0.78675053323.issue16202@psf.upfronthosting.co.za>
In-reply-to
Content
Alternatively, one could fix distutils.util.byte_compile() to execute the script in safe, empty temp directory.  Running scripts in /tmp remains, as it has always been, a bad idea.

Trying to determine if an import is "safe" can be arbitrarily complicated (e.g. what if the group-write bit is set, but you're the only member of that group, or there are special allow or deny ACLs for other users that aren't detected here).  What notion of safeness belongs in the spec?
History
Date User Action Args
2012-10-11 23:06:32robertwbsetrecipients: + robertwb, christian.heimes, schmir, jdemeyer, Alan.Williams
2012-10-11 23:06:32robertwbsetmessageid: <1349996792.76.0.78675053323.issue16202@psf.upfronthosting.co.za>
2012-10-11 23:06:32robertwblinkissue16202 messages
2012-10-11 23:06:32robertwbcreate