Tres Seaver wrote: > You are plainly joking: nothing in Python should know or care about the > various bureaucratic insanities in some workplaces. Given the > *existing* stdlib and network connectivity, nothing any corporate > security blackshirt can do will prevent an even moderately-motivated > person from executing arbitrary code downloaded from elsewhere. In that > case, what is the point in trying to help those who impose such craziness?
Network connectivity isn't a given, even today. So yes, there are environments that are secure (i.e. no network connectivity), and there are environments where developers are trusted (shock, horror) to actually follow company policy and get all licenses vetted by their Contracts group before installing downloaded software on company machines. Given that even some of the core developers work in environments like that, then yes, I believe Python can and should take reasonable steps to enable its use in such situations. And the most reasonably step Python can take on that front is to continue to provide a relatively powerful standard library *even if* a flexible and otherwise useful package management approach is added at some stage. If someone else decides to create a MinimalPython which consists solely of something like easy_install and whatever is needed to run it (i.e. the opposite of the "fat" bundles from folks like ActiveState and Enthought), then more power to them. But I don't believe the official releases from python.org should go that way. Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia --------------------------------------------------------------- _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
