On Mar 26, 2014, at 10:35 AM, Barry Warsaw <barry@debian.org> wrote: > On Mar 26, 2014, at 09:24 AM, Donald Stufft wrote: > >> In my half formed idea in my head the way it’d work is there’d be a >> vendor-packages directory where downstream can install things to, and a flag >> to the interpreter to remove the typical site-packages. So then you’d get >> something like: >> >> python -I —no-site-packages -m something > > There has to be a short option for --no-site-packages (or whatever) so that it > will work with shebang lines, where we already recommend -Es. Yea I just didn’t feel like thinking up a short option :) > But also, -I > should imply this new option for full isolation. Not sure about this, I don’t think I saw the original discussion but it looks like -I is to prevent the user from injecting malicious code (so it removes env vars, the user site packages, the current dir, etc). I don’t think that something installed by pip by the system administrator falls under that. > > Which means for Python 3.4 and beyond we should be recommending system > services and scripts add -I to the shebang line instead of -Es. Then we'd get > this new /usr/local isolation switch for free. > > -Barry ----------------- Donald Stufft PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail