Author ncoghlan
Recipients jwilk, ncoghlan, njs, ztane
Date 2018-03-18.07:04:26
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1521356667.61.0.467229070634.issue33053@psf.upfronthosting.co.za>
In-reply-to
Content
"python -m mypkg.myscript" does the right thing as far as local packages are concerned, whereas "python -m mypkg/myscript.py" will set you up for double-import bugs.

Note that you can almost always trigger arbitrary non-obvious code execution just by writing sitecustomize.py to the current directory, and any package you install can add a "<installation-site-packages>/arbitrary-code.pth" or "<user-site-packages>/arbitrary-code.pth" file that gets run at startup (setuptools has long relied on this to implement various features).

Opting in to isolated mode turns *all* of those features off by saying "I'm expecting to run system code only here, not custom user code".
History
Date User Action Args
2018-03-18 07:04:27ncoghlansetrecipients: + ncoghlan, jwilk, njs, ztane
2018-03-18 07:04:27ncoghlansetmessageid: <1521356667.61.0.467229070634.issue33053@psf.upfronthosting.co.za>
2018-03-18 07:04:27ncoghlanlinkissue33053 messages
2018-03-18 07:04:26ncoghlancreate