[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

Nick Coghlan added the comment: (However, the behaviour Steve is describing suggests that sys.path[0] initialisation may have problems on Windows that the test suite isn't picking up - "-I" should *not* add the script directory to the path, and directory execution should

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

Nick Coghlan added the comment: When executing a sys.path entry, you're executing that *entire* entry (whether it's a directory or zipfile). This isn't a bug, and it isn't in conflict with the assurances offered by isolated mode (it would only be a problem if running

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

Steve Dower added the comment: > A compromise would be to refuse to start on "python3 -I directory" to remain > secure What would that achieve, considering that "python3 -I directory/__main__.py" would let you start with exactly the same sys.path?[*] The only change

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

STINNER Victor added the comment: A compromise would be to refuse to start on "python3 -I directory" to remain secure and respect -I documentation: https://docs.python.org/dev/using/cmdline.html#id2 "In isolated mode sys.path contains neither the script’s directory

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

Steve Dower added the comment: The more interesting part is the relative directory and how often is it resolved? Can you change a program's imports by inducing it to change its working directory immediately after startup (or before any lazy imports)? If so, we should

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

Brett Cannon added the comment: I vote that it has to work and it should be prepended. -- ___ Python tracker ___

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

STINNER Victor added the comment: > Since the directory is where the code that is being executed exists don't you > have to implicitly trust that directory is secure? Otherwise how can you even > trust the code you're choosing to execute? The question is if the

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

Brett Cannon added the comment: Since the directory is where the code that is being executed exists don't you have to implicitly trust that directory is secure? Otherwise how can you even trust the code you're choosing to execute? -- nosy: +christian.heimes

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

STINNER Victor added the comment: See also https://github.com/python/cpython/pull/4868 : I propose a change to factorize the code, but the side effect is that sys.path is now modified before "import readline" (when using the -i option, like "python3 -i directory").

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

STINNER Victor added the comment: "python3 directory" and "python3 testzip.zip" are implemented by calling runpy._run_module_as_main("__main__", set_argv0). Currently, sys.path is modified before calling _run_module_as_main(). Would it be possible to pass an

[issue32324] [Security] "python3 directory" inserts "directory" at sys.path[0] even in isolated mode

New submission from STINNER Victor : Christian Heimes, author of the -I option (isolated mode), asked me to open an issue to check if the following behaviour is correct (safe in term of security). "python3 directory" inserts "directory" at sys.path[0], even in