Message337354
> > There was a single .pth file that I deemed "malicious" since it
completely breaks the `subprocess` module (`subprocess-run`)
>
> It only seems to set an attribute. What's wrong with that? Does the early
import of subprocess cause problems?
It assigns `subprocess.run`, which is an api in python3.5+. In those versions, `subprocess.check_*` is implemented in terms of `subprocess.run`. The `subprocess.run` provided by that package has a different api than the stdlib one so any use of the subprocess module is broken just by having that package installed |
|
Date |
User |
Action |
Args |
2019-03-07 03:04:59 | Anthony Sottile | set | recipients:
+ Anthony Sottile, mhammond, barry, brett.cannon, terry.reedy, jaraco, ncoghlan, pitrou, eric.smith, christian.heimes, ionelmc, SilentGhost, __Vano, eric.snow, takluyver, steve.dower, veky, Ivan.Pozdeev, ethan smith, cheryl.sabella, Chris Billington, Peter L3 |
2019-03-07 03:04:59 | Anthony Sottile | set | messageid: <1551927899.06.0.914050581164.issue33944@roundup.psfhosted.org> |
2019-03-07 03:04:59 | Anthony Sottile | link | issue33944 messages |
2019-03-07 03:04:58 | Anthony Sottile | create | |
|