Author steve.dower
Recipients brett.cannon, eric.snow, eryksun, jkloth, lukasz.langa, mattip, ncoghlan, paul.moore, steve.dower, tim.golden, zach.ware
Date 2019-03-11.22:29:49
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1552343389.19.0.976746416342.issue36085@roundup.psfhosted.org>
In-reply-to
Content
In the absence of any other comments, here's my proposal.

* call SetDefaultDllDirectories() in Py_Main (i.e. not when embedded) to ensure secure search paths are always used
* ensure LoadLibrary when used in ctypes or importing will use the correct flags
* add sys._adddlldirectory() and sys._removedlldirectory() as CPython-specific functions for extending the search path (for use by packages currently modifying PATH at runtime)
* add check for KB2533623 to the installer and block if it is not present

Any thoughts? The only one I'm not 100% committed to is the SetDefaultDllDirectories call, but I'd rather ship it in alpha/beta releases and pull it out later if necessary. Passing the flags to LoadLibrary should have the same effect anyway, so I don't think changing the defaults in python.exe will make the current scenarios worse.
History
Date User Action Args
2019-03-11 22:29:49steve.dowersetrecipients: + steve.dower, brett.cannon, paul.moore, ncoghlan, tim.golden, jkloth, lukasz.langa, eric.snow, zach.ware, mattip, eryksun
2019-03-11 22:29:49steve.dowersetmessageid: <1552343389.19.0.976746416342.issue36085@roundup.psfhosted.org>
2019-03-11 22:29:49steve.dowerlinkissue36085 messages
2019-03-11 22:29:49steve.dowercreate