Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-07-19 Thread Miro Hrončok
On 11. 05. 22 15:27, Ben Cotton wrote: https://fedoraproject.org/wiki/Changes/PythonSafePath == Summary == The [https://docs.python.org/3.11/using/cmdline.html#cmdoption-P `-P` flag] will be added to the Python shebang macros (`%{py3_shbang_opts}`, `%{py3_shebang_flags}`, ...). Packages that ad

Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-13 Thread Victor Stinner
Changing the default in Python was discussed multiple times over the last 20 years. Every time, it was said that it's convenient and it's not worth it to break use cases to increase the default security. Python 3.4 already has -I (isolated mode) which imply Python 3.11 -P option, but it also impli

Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-12 Thread Vít Ondruch
Dne 11. 05. 22 v 20:45 Chris Adams napsal(a): Once upon a time, Zbigniew Jędrzejewski-Szmek said: Yeah, I agree. I think Python upstream should own up to the fact that adding '.' to sys.path was always a mistake. Yeah, perl bit that bullet a while ago now, dropping '.' from @INC. It's really

Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-11 Thread Miro Hrončok
On 11. 05. 22 18:37, Daniel P. Berrangé wrote: On Wed, May 11, 2022 at 10:24:17AM -0400, Robbie Harwood wrote: Ben Cotton writes: :Don’t prepend a potentially unsafe path to `sys.path`: If this is a safety/security issue, why not just make it the default for python itself? I presume that

Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-11 Thread Miro Hrončok
On 11. 05. 22 16:24, Robbie Harwood wrote: Ben Cotton writes: :Don’t prepend a potentially unsafe path to `sys.path`: If this is a safety/security issue, why not just make it the default for python itself? I would like that, but -P is what we have now. If we pioneer this in Fedora, maybe

Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-11 Thread Chris Adams
Once upon a time, Zbigniew Jędrzejewski-Szmek said: > Yeah, I agree. I think Python upstream should own up to the fact that > adding '.' to sys.path was always a mistake. Yeah, perl bit that bullet a while ago now, dropping '.' from @INC. It's really the only sane default. -- Chris Adams __

Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-11 Thread Daniel P . Berrangé
On Wed, May 11, 2022 at 10:24:17AM -0400, Robbie Harwood wrote: > Ben Cotton writes: > > > :Don’t prepend a potentially unsafe path to `sys.path`: > > If this is a safety/security issue, why not just make it the default for > python itself? I presume that approach is considered too disruptive t

Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-11 Thread Barry
> On 11 May 2022, at 15:25, Robbie Harwood wrote: > > Ben Cotton writes: > >> :Don’t prepend a potentially unsafe path to `sys.path`: > > If this is a safety/security issue, why not just make it the default for > python itself? It will break normal user use of python. There is an expectat

Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-11 Thread Zbigniew Jędrzejewski-Szmek
On Wed, May 11, 2022 at 10:24:17AM -0400, Robbie Harwood wrote: > Ben Cotton writes: > > > :Don’t prepend a potentially unsafe path to `sys.path`: > > If this is a safety/security issue, why not just make it the default for > python itself? Yeah, I agree. I think Python upstream should own up t

Re: F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-11 Thread Robbie Harwood
Ben Cotton writes: > :Don’t prepend a potentially unsafe path to `sys.path`: If this is a safety/security issue, why not just make it the default for python itself? Be well, --Robbie signature.asc Description: PGP signature ___ devel mailing list --

F37 proposal: Python: Add -P to default shebangs (System-Wide Change proposal)

2022-05-11 Thread Ben Cotton
https://fedoraproject.org/wiki/Changes/PythonSafePath == Summary == The [https://docs.python.org/3.11/using/cmdline.html#cmdoption-P `-P` flag] will be added to the Python shebang macros (`%{py3_shbang_opts}`, `%{py3_shebang_flags}`, ...). Packages that adhere to those macros will change their Pyt