On 2 June 2017 at 20:02, Victor Stinner <victor.stin...@gmail.com> wrote: > 2017-06-02 9:12 GMT+02:00 Greg Ewing <greg.ew...@canterbury.ac.nz>: >> Why do you want to change it? > > To make Python more secure. To prevent untrusted modules hijacking > stdlib modules on purpose to inject code for example.
As long as user site packages are enabled, folks are pretty much hosed on that front (drop a *.pth file in there and you can run arbitrary code at startup). Hence isolated mode and the system-python idea (which can potentially be implemented even while PEP 432 is still a private API, although it would require several more config settings to be migrated to the new structure first). Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
