Message 313404 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	benjamin.peterson
Recipients	alex, benjamin.peterson, christian.heimes, pitrou
Date	2018-03-07.22:40:11
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1520462411.13.0.467229070634.issue33019@psf.upfronthosting.co.za>
In-reply-to

Content
I don't think -E is a security feature. Even if the stdlib was fixed, there's tons of 3rdparty Python code that consumes os.environ. It seems like if you really cared about not letting the environment influence a Python application, you'd just wrap python in a script that cleans out the environment before execing.

I don't think -E is a security feature. Even if the stdlib was fixed, there's tons of 3rdparty Python code that consumes os.environ.

It seems like if you really cared about not letting the environment influence a Python application, you'd just wrap python in a script that cleans out the environment before execing.

History
Date	User	Action	Args
2018-03-07 22:40:11	benjamin.peterson	set	recipients: + benjamin.peterson, pitrou, christian.heimes, alex
2018-03-07 22:40:11	benjamin.peterson	set	messageid: <1520462411.13.0.467229070634.issue33019@psf.upfronthosting.co.za>
2018-03-07 22:40:11	benjamin.peterson	link	issue33019 messages
2018-03-07 22:40:11	benjamin.peterson	create