Barry A. Warsaw <ba...@python.org> added the comment: On Feb 26, 2019, at 05:19, Nick Coghlan <rep...@bugs.python.org> wrote: > > I just don't want to lose the "add this location to sys.path" behaviour that > exists for lines in pth files that *don't* start with "import ", since that > has plenty of legitimate use cases, and the only downside of overusing it is > an excessively long default sys.path (which has far more consistent and > obvious symptoms than the arbitrary code execution case can lead to).
It’s also very difficult to debug because pth loading usually happens before the user has a chance to intervene with a debugger. This means mysterious things can happen, like different versions of a package getting imported than you expect. Extending sys.path is a useful use case, but doing so in pth files is problematic. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue33944> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
