Michael Torrie wrote:

> On 10/28/2015 10:10 AM, Peter Otten wrote:
>> Terry Reedy wrote:
>>
>> Thank you for your patience.
>>
>>> Why do you think it a misfeature for IDLE to execute code the way Python
>>> does?
>>
>> Sadly I wasn't aware that the interactive interpreter is also vulnerable.
>> I should have been, but failed to add one and one.
>>
>> Until now I have often started python in a directory with unknown
>> contents, to use it as a calculator or to explore the files in that
>> directory.
>>
>> I will stop doing so.
>
> I'm curious what behavior you would suggest?

I didn't suggest anything, because I didn't see a practical remedy.

> In the case of the bare interactive interpreter, since there's no script
> loaded, the current directory is added so you can import modules you are
> working on. I do this all the time to help with testing and development
> of my projects' modules. This behavior makes perfect sense to me and I
> don't see any other practical alternative that is useful, except for
> some syntax that differentiates between "local" imports and system ones.
> Not being able to easily import local modules would make the
> interactive interpreter next to useless for me.
>
> Given that this is only the behavior for interactive Python anyway, I
> don't see this as a significant vulnerability. If a bad guy is littering
> your working directories with malicious python programs you might
> import, you've already lost. No amount of Python tweaks are going to
> save you.

The problematic module might not even be malicious, it could just lack the

    if __name__ == "__main__": ...

guard.

And I am the bad guy I have in mind ;)

When I download a Python project, have a look at it and then fire up an
editor...

    $ hg clone http://www.example.com/whatever
    $ cd whatever
    $ ls -1
    interesting_stuff.py
    ...
    string.py
    ...
    also_interesting.py
    ...
    readline.py
    ...
    $ idle # or $ python

I don't want to check if there are any modules in the project that have
names that will cause idle or python to import them instead of those it
actually needs.

Safer behaviour might be achieved by deferring the addition of the current
directory to the path until idle or the interactive interpreter is
completely set up, or even by limiting import during the interpreter startup
to built-in modules or a whitelist.

PS: The shell people have learned their lesson and no longer include the
working directory in the PATH:

    $ ls # the real thing
    $ ./ls # use at your own risk

So maybe

    >>> import string # stdlib
    >>> from . import string # whatever you dropped into your working directory

OK, probably not (just brainstorming).

-- 
https://mail.python.org/mailman/listinfo/python-list
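A pre-flight check for the situation described in the thread, added here as an example and not code from the thread or from CPython: it lists the `.py` files and packages in a directory whose names collide with a built-in or standard-library module, i.e. the ones `python` or `idle` started there would pick up instead of the real module. The function names and the fallback scan of the stdlib directory on interpreters older than 3.10 are my own choices.

```python
"""List modules in a directory that would shadow the standard library
when that directory sits first on sys.path (as for `python` / `idle`)."""
import os
import sys
import sysconfig


def stdlib_module_names():
    """Names the interpreter itself may import: built-ins plus the stdlib."""
    names = set(sys.builtin_module_names)
    if hasattr(sys, "stdlib_module_names"):      # Python 3.10+ knows the list
        names |= set(sys.stdlib_module_names)
    else:                                        # older: scan the stdlib directory
        stdlib_dir = sysconfig.get_paths()["stdlib"]
        for entry in os.listdir(stdlib_dir):
            full = os.path.join(stdlib_dir, entry)
            if entry.endswith(".py"):
                names.add(entry[:-3])
            elif os.path.isfile(os.path.join(full, "__init__.py")):
                names.add(entry)
    return names


def local_module_names(directory):
    """Map module name -> path for every .py file or package in directory."""
    found = {}
    for entry in os.listdir(directory):
        path = os.path.join(directory, entry)
        if entry.endswith(".py") and os.path.isfile(path):
            found[entry[:-3]] = path
        elif os.path.isdir(path) and os.path.isfile(os.path.join(path, "__init__.py")):
            found[entry] = path
    return found


def find_shadowing_modules(directory="."):
    """Return sorted (module_name, path) pairs that would win over the stdlib."""
    stdlib = stdlib_module_names()
    return sorted((name, path)
                  for name, path in local_module_names(directory).items()
                  if name in stdlib)


if __name__ == "__main__":
    hits = find_shadowing_modules(sys.argv[1] if len(sys.argv) > 1 else ".")
    for name, path in hits:
        print("WARNING: %s shadows the standard library module %r" % (path, name))
    sys.exit(1 if hits else 0)
```

Run it in the freshly cloned directory before starting the interpreter; a non-zero exit means at least one local file would be imported in place of a stdlib module.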