Message 313966 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	jwilk
Recipients	jwilk, ztane
Date	2018-03-16.18:50:11
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1521226211.18.0.467229070634.issue33053@psf.upfronthosting.co.za>
In-reply-to

Content
FWIW, this behavior is documented: https://docs.python.org/3/using/cmdline.html#cmdoption-m "As with the -c option, the current directory will be added to the start of sys.path." With the -c option, at least you could easily remove the sys.path element yourself: python -c 'import sys; sys.path.remove(""); ...' (This works, because sys is always a builtin module, so it won't be imported from cwd.) I don't see any obvious way to make "python -m foo" secure in untrusted cwd, though. The best I could come up with is: python -c 'import sys; sys.path.remove(""); import runpy; runpy._run_module_as_main("foo")' which is quite insane.

FWIW, this behavior is documented:

https://docs.python.org/3/using/cmdline.html#cmdoption-m
"As with the -c option, the current directory will be added to the start of sys.path."

With the -c option, at least you could easily remove the sys.path element yourself:

   python -c 'import sys; sys.path.remove(""); ...'

(This works, because sys is always a builtin module, so it won't be imported from cwd.)

I don't see any obvious way to make "python -m foo" secure in untrusted cwd, though.
The best I could come up with is:

   python -c 'import sys; sys.path.remove(""); import runpy; runpy._run_module_as_main("foo")'

which is quite insane.

History
Date	User	Action	Args
2018-03-16 18:50:11	jwilk	set	recipients: + jwilk, ztane
2018-03-16 18:50:11	jwilk	set	messageid: <1521226211.18.0.467229070634.issue33053@psf.upfronthosting.co.za>
2018-03-16 18:50:11	jwilk	link	issue33053 messages
2018-03-16 18:50:11	jwilk	create