
Re: Python 3.4 and ensurepip (rehashed, long)



On Mar 26, 2014, at 10:42 AM, Donald Stufft wrote:

>> But also, -I should imply this new option for full isolation.
>
>Not sure about this, I don’t think I saw the original discussion but it looks
>like -I is to prevent the user from injecting malicious code (so it removes
>env vars, the user site packages, the current dir, etc). I don’t think that
>something installed by pip by the system administrator falls under that.

Here's the issue where -I was discussed (it wasn't a PEP):

http://bugs.python.org/issue16499

Here, "isolation mode" means specifically isolating the Python interpreter
from "bad stuff a user could do" to their environment.  So I guess it is
questionable whether to lump the sysadmin in that category ;).

OT1H, a distro wants to be pretty clear about what the expected environment for
system services and scripts is.  OTOH, we probably need to give the sysadmin
the benefit of the doubt and allow them to modify their system for their
needs, but then take responsibility for those changes.

So I can see the argument that -I should not include --dont-blame-us.  With a
short option, it wouldn't be difficult to recommend "full isolation" in
shebang lines with -I@ (where @ == short option).

-Barry

Attachment: signature.asc
Description: PGP signature
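
An added example, not part of the original message: a small probe of what `-I` isolates against, covering two of the user-controlled inputs named in the thread (environment variables and the current directory). The module name `planted_mod` and the helper `probe` are hypothetical names made up for this illustration.

```python
import json
import os
import subprocess
import sys
import tempfile

# Child program: report the isolation flags and whether a module planted in a
# user-controlled location was importable. System site-packages stay on
# sys.path under -I, which is the sysadmin case the thread is debating.
CHILD = (
    "import sys, json\n"
    "try:\n"
    "    import planted_mod\n"
    "    hit = planted_mod.WHERE\n"
    "except ImportError:\n"
    "    hit = None\n"
    "f = sys.flags\n"
    "print(json.dumps({'isolated': bool(f.isolated),\n"
    "                  'ignore_environment': bool(f.ignore_environment),\n"
    "                  'no_user_site': bool(f.no_user_site),\n"
    "                  'imported_from': hit}))\n"
)

def probe(via, isolated):
    """Plant planted_mod.py via 'PYTHONPATH' or 'cwd', then run a child interpreter."""
    with tempfile.TemporaryDirectory() as planted, \
            tempfile.TemporaryDirectory() as empty:
        with open(os.path.join(planted, "planted_mod.py"), "w") as fh:
            fh.write("WHERE = %r\n" % via)
        env = dict(os.environ)
        env.pop("PYTHONPATH", None)
        env.pop("PYTHONSAFEPATH", None)  # would hide the cwd case on 3.11+
        cwd = empty
        if via == "PYTHONPATH":
            env["PYTHONPATH"] = planted   # user-controlled environment variable
        else:
            cwd = planted                 # user-controlled working directory
        cmd = [sys.executable] + (["-I"] if isolated else []) + ["-c", CHILD]
        out = subprocess.run(cmd, cwd=cwd, env=env,
                             stdout=subprocess.PIPE, check=True)
        return json.loads(out.stdout.decode())

if __name__ == "__main__":
    for via in ("PYTHONPATH", "cwd"):
        for isolated in (False, True):
            print(via, "-I" if isolated else "default", probe(via, isolated))
```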

