On Tue, Apr 26, 2022 at 2:50 AM Victor Stinner <vstin...@python.org> wrote:
> Hi, > > There are 4 main ways to run Python: > > (1) python -m module [...] > (2) python script.py [...] > (3) python -c code [...] > (4) python [...] > > (1) and (2) insert the directory of the module/script at sys.path[0]. > (3) and (4) insert an empty string at sys.path[0]. > > This behavior is convenient and is maybe part of Python usability > success: importing a module in the current directory is as easy as > "import other_module" (load other_module.py). But it's also a threat > to security: an attacker can override a stdlib module by creating a > Python script with the same name than a stdlib module, like os.py or > shutil.py. > > People learning Python commonly create a file with the same name than > a stdlib module (ex: random.py) and then are clueless in face of an > ImportError exception. > > Changing the default behavior was discussed multiple times. No > consensus was reached, maybe because most users like the current > default behavior and are not affected by corner cases (see below). > > I propose adding a -P option to Python command line interface to "not > add sys.path[0]": > https://github.com/python/cpython/pull/31542 We would use this in the Python extension for VS Code for case (1) as we have had issues with (1) when running tools on people's behalf. People will accidentally shadow the stdlib and then do something unexpected as an import side-effect in their shadowing module like delete files. Not something you want happening when you're just wanting to run Pylint. 😅 -Brett > > > See the documentation in the PR for the exact behavior of this option. > I prefer to add an environment variable, only pass the option > explicitly on the command line. > > Since Python 3.4, there is already the -I ("isolated mode") option: > https://docs.python.org/dev/using/cmdline.html#cmdoption-I > > The -I option has other effects like disabling user site directories, > it option doesn't fit use cases of the -P option. > > One annoying issue of the Python default behavior is that running a > script in /usr/bin/ as root can create or override .pyc files in the > /usr directory, even in the /usr/bin/ directory. Example of this > surprising and annoying issue: > https://github.com/benjaminp/six/issues/359#issuecomment-996159668 > > The -P option can be used in #!/usr/bin/python shebang to avoid this issue. > > -- > > An alternative would be to change the default behavior to not add > sys.path[0], and add an option to opt-in for Python 3.10 behavior. > Here are my notes about it: > https://github.com/vstinner/misc/blob/main/cpython/pep_path0.rst > > What do you think? > > Victor > -- > Night gathers, and now my watch begins. It shall not end until my death. > _______________________________________________ > Python-Dev mailing list -- python-dev@python.org > To unsubscribe send an email to python-dev-le...@python.org > https://mail.python.org/mailman3/lists/python-dev.python.org/ > Message archived at > https://mail.python.org/archives/list/python-dev@python.org/message/IU5Q2AXAURFVDPRWNU3BDFVKV2QX5NOR/ > Code of Conduct: http://python.org/psf/codeofconduct/ >
_______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/2DCKKOJNB4T3ZKXQAEFTC6ZCMXPONFPG/ Code of Conduct: http://python.org/psf/codeofconduct/
