Nick Coghlan <ncogh...@gmail.com> added the comment: "python -m mypkg.myscript" does the right thing as far as local packages are concerned, whereas "python -m mypkg/myscript.py" will set you up for double-import bugs.
Note that you can almost always trigger arbitrary non-obvious code execution just by writing sitecustomize.py to the current directory, and any package you install can add a "<installation-site-packages>/arbitrary-code.pth" or "<user-site-packages>/arbitrary-code.pth" file that gets run at startup (setuptools has long relied on this to implement various features). Opting in to isolated mode turns *all* of those features off by saying "I'm expecting to run system code only here, not custom user code". ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue33053> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
