My concern with what is there is that it gives Python code the idea that it is safe to use sys.executable as a path to launch more Python interpreters. This is generally thought of as a safe and proper thing to do on stackoverflow and other programming sites, and it isn't safe. I tried using a library that did this from my applications startup routine and the library started another copy of my application which promptly called the library and suddenly there were 50 copies of my application running. Depending on where this is being used, this could be a significant security problem.
Rather than saying "the executable binary for the Python interpreter", I think it would be clearer to say "the executable binary for the current process. WARNING this will not always be a Python interpreter."
-----Original Message----- From: Julien Palard firstname.lastname@example.org Sent: Friday, June 19, 2020 7:30 AM To: Daniel Walter email@example.com; firstname.lastname@example.org Subject: Re: [docs] sys.executeable documentation
On 6/18/20 6:19 PM, Daniel Walter wrote:
The documentation of sys.executable indicates that this is the path to the python executable. It is actually the current running executable which may be python.exe. If the python C API is being used, this will report the executable which is embedding the python interpreter.
To be precise, the documentation of sys.executable indicates:
path of the executable binary for the Python interpreter
Regardless the "executable binary for the Python interpreter" is python.exe or another binary which contains the Python interpreter, the documentation looks right to me.
Any idea on how it could be enhanced?
Bests, -- [Julien Palard](https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmdk.fr%2F&...)