Message308617
> A compromise would be to refuse to start on "python3 -I directory" to remain secure
What would that achieve, considering that "python3 -I directory/__main__.py" would let you start with exactly the same sys.path?[*]
The only change that might be of any value would be to resolve the path as early as possible so that an absolute path is added to sys.path[0].
Not adding the directory of the startup script is a breaking change with no security benefits -- it has to stay there. -I is not a protection against command-line arguments.
[*] On Windows, using the filename seems to resolve the directory while using just the directory name does not. I'm not sure why they aren't identical, and obviously I think they should be, but I'd expect the initialization work to streamline it (when getpath.c becomes sensible). |
|
Date |
User |
Action |
Args |
2017-12-19 06:37:49 | steve.dower | set | recipients:
+ steve.dower, brett.cannon, ncoghlan, vstinner, christian.heimes |
2017-12-19 06:37:49 | steve.dower | set | messageid: <1513665469.65.0.213398074469.issue32324@psf.upfronthosting.co.za> |
2017-12-19 06:37:49 | steve.dower | link | issue32324 messages |
2017-12-19 06:37:49 | steve.dower | create | |
|