Moreover, being able to do it programmatically is a security risk, since it requires elevated privileges that I don't know how to drop, and most people will not think about doing, but a library implementation will.
So if someone uses subprocess.run(), and the system asks the user for elevated privileges, a bug in later code can easily cause serious harm instead of failing. Yes, untrusted code should be sandboxed - but it isn't, more often than not. Elazar On Tue, Sep 20, 2016 at 2:02 PM אלעזר <elaz...@gmail.com> wrote: > I think I generally understand concerns, and partially agree. I'm > certainly not dismissing them. I only try to understand what are the > precise problems and why the current situation - with dangerous functions > at reach, easily buried deep in the code instead of marked on the top of > the script - is so much better. > > Elazar > > On Tue, Sep 20, 2016 at 1:56 PM Paul Moore <p.f.mo...@gmail.com> wrote: > >> On 20 September 2016 at 11:46, אלעזר <elaz...@gmail.com> wrote: >> > So it should be something like >> > >> > from unsafe.__pip__ import benchmark >> > >> > Where unsafe is the hypothetical namespace in which exec(), eval() and >> > subprocess.run() would have reside given your concerns. >> >> In my opinion, it should be >> >> # Please install benchmark using pip to run this script >> >> Or you should run the script using a dedicated runner like rwt. Or you >> can depend on a custom import hook that makes "from __pip__ >> install..." work as you want. I'm just saying that I don't want core >> Python to implicitly install packages for me. But that's simply a >> personal opinion. I'm not trying to persuade you you're wrong, just >> trying to explain my position. We can agree to differ. It certainly >> doesn't seem to me that there's any need for you to modify your >> proposal to suit me, it's unlikely I'll like any variation you're >> going to be happy with, which is fine (you're under no obligation to >> convince me). >> >> Paul >> >
_______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
