-
-
Notifications
You must be signed in to change notification settings - Fork 30.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CLI option for isolated mode #60703
Comments
I like to propose a new option for the Python interpreter: python -I It shall start the interpreter in isolated mode which ignores any The isolated mode implies -E (ignore all PYTHON* environment vars) and The option is intended for OS and application scripts that doesn't want The idea is motivated by a couple of bug reports, for example: https://bugs.launchpad.net/bugs/938869 lsb_release crashed with SIGABRT http://bugs.python.org/issue16202 sys.path[0] security issues http://bugs.python.org/issue16248 Security bug in tkinter allows for --- The idea has been discussed at http://mail.python.org/pipermail/python-ideas/2012-November/017766.html. |
The first patch implements the arg parsing, sys.flags, PySys_SetArgv() modification that doesn't include the current directory as sys.path[0] and some doc updates. Open issue:
|
I don't think we need to worry about overlapping with gcc; -B, -b, -c, -d, etc. are all used by gcc for some reason or another. |
+1 from me. "-I" and "isolated" sound fine to me. The patch needs to add some tests. Also the docs need some "versionadded" / "versionchanged" markers. |
On Nov 18, 2012, at 05:16 PM, Antoine Pitrou wrote:
I haven't reviewed the patch yet, but based on the email discussions, I'm also |
Here is a new patch with some tests. |
On 18.11.2012 15:30, Christian Heimes wrote:
Some other possible names:
Since this mode will often be used for testing Python installation
FWIW: Isolated and -I works for me as well. -- Professional Python Services directly from the Source (#1, Nov 19 2012)
>>> Python Projects, Consulting and Support ... http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/
________________________________________________________________________ ::: Try our new mxODBC.Connect Python Database Interface for free ! :::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 |
New patch with typo fixes and update for recent modification in the make_flags() function. Marc: Apropos venv, I need to check how the option is affected by venv. |
How shall I handle venv? I'm reluctant to disable venv in site.py although it allows a user to modify sys.path. However it's only an issue under two circumstances: (1) The user either needs write permissions to the parent directory of the python executable. Point 1 allows the user to mess with the system in more serious ways. The second point can be avoided with a correctly written shebang line. |
I agree that venv shouldn't be a problem. |
The "system Python" idea in PEP-432 is aimed at providing an alternate interpreter binary which changes the default behaviour to be appropriate for system utilities, while allowing such features to be enabled selectively. |
I'm catching up on some old patches. What shall I do about this patch? Does anybody want to review or intervene it? |
It applies cleanly, builds without noticeable problems and does what it's advertised to do. In other words, looks great to me! I say go for it. |
"python -I" and "spython" sound like two ways to get the same results. I would prefer to only have one way. |
We don't have "spython" yet. Py_IsolatedFlag is also required if we ever going to have "spython", too. We can always remove the command line flag before Python 3.4 hits beta. |
On Jun 20, 2013, at 02:26 PM, STINNER Victor wrote:
Where does spython come from? Personally, I'd much rather this be an option on the existing python |
It comes from Nick and http://www.python.org/dev/peps/pep-0432/ . Once PEP-432 is in place we can easily create variants of Python binaries with special flags. I'm in favor with python -I, too. |
CPython's startup sequence and collection of global flags are organically I could use help laying the foundations for PEP-432 though - getting the
|
I've come around to the idea of having this available as an option in the default interpreter. A separate binary could then just make it the default behaviour (leaning on PEP-432 to do so), which is more shebang line friendly and allows Linux distros to better distinguish between "default behaviour of Python when running user scripts" and "default behaviour of Python when running system applications" in a way that simple symlinks can't. However, whether or not to provide such a binary (and whether or not to rewrite shebang lines in system packages to use it) would become our problem rather than an upstream problem. So +1 from me for a -I isolated mode, and I'll adjust PEP-432 as necessary to cope. |
On Jul 02, 2013, at 02:12 AM, Nick Coghlan wrote:
PEP-394 is probably related to any such additional binary. |
Yep, sounds good to me ("don't wait for PEP-432" is what I meant to imply above, but I wasn't very clear about it) |
New changeset 06c39789061e by Christian Heimes in branch 'default': |
For the record (since it took me a while to figure it out), the changeset that this was committed in is dd0d751cc7f1. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: