On Sun, 23 Mar 2014 21:31:12 -0400, Barry Warsaw <ba...@python.org> wrote: > On Mar 24, 2014, at 11:38 AM, Chris Angelico wrote: > > >Easy. Just set PYTHONPATH to import the SEPython [1] lib ahead of the > >standard lib. Then you can go back to the standard 2.7 (if you want > >to) by unsetting PYTHONPATH. > > > >It'd be nice if SEPython defined a modified sys.version for clarity, > >but otherwise, it'd be a vanilla Python 2.7. > > That's certainly more in the direction of what I think is an appropriate > upstream solution. > > The thing is, there isn't one single "what's best for users" resolution. > There are many, many competing requirements and I think it will be difficult > to satisfy everyone. I'm particularly sensitive to complaints of unexpected > changes between micro releases.
In the context of that last sentence, I think it is worth noting the stance that 3.4 is taking[*] about security backward compatibility, since many people may not be aware of it (we only just finished making the documentation clear). If you use create_default_context() to get your context object, you get a "best practices" level of security *that may change between maintenance releases*. If you want things to not change between maintenance releases, you create your own context object and set its controls appropriately. In other words, the programmer opts in to maintenance release security improvements by using create_default_context. I presume that whatever comes out of this PEP will use the same approach. Note: thanks again to Christian Heimes and Antoine Pitrou for this work. Without Christian's work, I think we wouldn't even be having this conversation. Antoine's earlier work laid essential groundwork, but by itself I'm not sure that would have been enough to result in calls for a backport. It took both of them, with some help from others as well. --David [*] I actually don't know if this was discussed on python-dev previously because I've got a backlog of messages I'm not caught up on. If it hasn't been, then doubly good to mention it now, since the first 3.4 maintenance release hasn't happened yet :) _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
