« Return to Thread: Bug#484305: bicyclerepair: bike.vim imports untrusted python files from cwd
Bug#484305: bicyclerepair: bike.vim imports untrusted python files from cwd
by Robert Collins
::
Rate this Message:
On Tue, 2008-08-05 at 23:07 -0400, James Vega wrote:
> While this does provide a workaround for the issue, this is behavior
> inherent in the way Python is designed and should be fixed in Python.
> If we choose to instead address every application that embeds Python,
> we're just creating an endless stream of work for ourselves.
Possibly. I did file a bug [rejected] on reportbug itself just a few
days ago, because it also will load from . if '' is in the pythonpath.
OTOH perhaps having '' in sys.path is always wrong and we should start a
mass set of bugs to prevent it?
-Rob
--
GPG key available at: <http://www.robertcollins.net/keys.txt>.
> While this does provide a workaround for the issue, this is behavior
> inherent in the way Python is designed and should be fixed in Python.
> If we choose to instead address every application that embeds Python,
> we're just creating an endless stream of work for ourselves.
Possibly. I did file a bug [rejected] on reportbug itself just a few
days ago, because it also will load from . if '' is in the pythonpath.
OTOH perhaps having '' in sys.path is always wrong and we should start a
mass set of bugs to prevent it?
-Rob
--
GPG key available at: <http://www.robertcollins.net/keys.txt>.
signature.asc (196 bytes) « Return to Thread: Bug#484305: bicyclerepair: bike.vim imports untrusted python files from cwd
| Free embeddable forum powered by Nabble | Forum Help |
