mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-07-24 11:44:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

gh-57684: Add -P cmdline option and PYTHONSAFEPATH env var (#31542)

Browse source 
Add the -P command line option and the PYTHONSAFEPATH environment
variable to not prepend a potentially unsafe path to sys.path.

* Add sys.flags.safe_path flag.
* Add PyConfig.safe_path member.
* Programs/_bootstrap_python.c uses config.safe_path=0.
* Update subprocess._optim_args_from_interpreter_flags() to handle
  the -P command line option.
* Modules/getpath.py sets safe_path to 1 if a "._pth" file is
  present.
This commit is contained in:
Victor Stinner 2022-05-06 01:34:11 +02:00 committed by GitHub
parent f6dd14c653
commit ada8b6d1b1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 174 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Modules/getpath.py
View file

@ -717,6 +717,7 @@ if pth:
config['isolated'] = 1
config['use_environment'] = 0
config['site_import'] = 0
config['safe_path'] = 1
pythonpath = []
for line in pth:
line = line.partition('#')[0].strip()

2
Modules/main.c
View file

@ -570,7 +570,7 @@ pymain_run_python(int *exitcode)
goto error;
}
}
else if (!config->isolated) {
else if (!config->safe_path) {
PyObject *path0 = NULL;
int res = _PyPathConfig_ComputeSysPath0(&config->argv, &path0);
if (res < 0) {