RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2001-January/011442.html below:

[Python-Dev] Extending startup code: PEP needed?

[Python-Dev] Extending startup code: PEP needed? [Python-Dev] Extending startup code: PEP needed?Martin von Loewis loewis@informatik.hu-berlin.de
Mon, 8 Jan 2001 18:51:28 +0100 (MET)

Previous message: [Python-Dev] xreadlines : readlines :: xrange : range
Next message: [Python-Dev] Extending startup code: PEP needed?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Just curious: wouldn't this introduce a /tmp-style problem to
> Python ?

I tried, but I could not produce such a problem.

> The scenario is quite simple: a Python script runs under root.
> The script could pick up a lingering .pth file (e.g. from /tmp
> or one of its subdirs -- distutils does this !) and then executes
> arbitrary code as *root*.

No, Python looks only in a few places for pth file: 
{<prefix>,<exec_prefix>}{,/lib/python<version>/site-packages,/lib/site-python}

so it won't pick up pth files in /tmp.

Regards,
Martin

Previous message: [Python-Dev] xreadlines : readlines :: xrange : range
Next message: [Python-Dev] Extending startup code: PEP needed?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4