Brian Curtin <cur...@acm.org> added the comment: Even if we changed the ACL of the executable, any user could still add malicious code to be executed on import, as the C:\PythonXY directory doesn't require specific privileges for writing to it, and it shouldn't by default. When installed to "C:\Program Files", certain privileges are required to install anything, so regular users can't install third party code or swap out the interpreter.
If you need the added security, you are more than welcome to choose to install Python to a more secure location. Defaulting to "C:\Program Files" isn't necessary. See also: issues #1074873 and #818030 ---------- resolution: -> rejected status: open -> closed _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue5802> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
