[Python-Dev] Extending startup code: PEP needed?
Mon, 08 Jan 2001 16:26:21 +0100
"Martin v. Loewis" wrote:
> Authors of extension packages often find the need to auto-import some
> of their modules. This is often needed for registration, e.g. a codec
> author (like Tamito KAJIYAMA, who wrote the JapaneseCodecs package)
> may need to register a search function with codecs.register. This is
> currently only possible by writing into sitecustomize.py, which must
> be done by the system administrator manually.
> To enhance the service of site.py, I've written the patch
> which treats lines in PTH files which start with "import" as
> statements and executes them, instead of appending these lines to
> The patch is relatively small, but since it is an extension: Do I need
> to write a PEP for it?
Just curious: wouldn't this introduce a /tmp-style problem to
The scenario is quite simple: a Python script runs under root.
The script could pick up a lingering .pth file (e.g. from /tmp
or one of its subdirs -- distutils does this !) and then executes
arbitrary code as *root*.
Python Pages: http://www.lemburg.com/python/