[Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
Chris Angelico
rosuav at gmail.com
Mon Mar 24 01:38:01 CET 2014
On Mon, Mar 24, 2014 at 11:03 AM, Barry Warsaw <barry at python.org> wrote:
> Python 2.7.x will always be the "standard stdlib". We would never release a
> specific Python 2.7 + "security stdlib" release, but downstream developers
> would be able to overlay this forked stdlib on top of the standard one.
> Volunteers or corporate sponsors could distribute binary installers with this
> combination of pure Python 2.7 language + "security enhanced stdlib", and
> Linux distros could do the necessary building and distributing for their own
> platforms if they so desired.
>
> The trick is what do you call this new combination, how do you invoke it, and
> how do you keep it distinct and independent of the system's standard Python
> 2.7?
Easy. Just set PYTHONPATH to import the SEPython [1] lib ahead of the
standard lib. Then you can go back to the standard 2.7 (if you want
to) by unsetting PYTHONPATH.
It'd be nice if SEPython defined a modified sys.version for clarity,
but otherwise, it'd be a vanilla Python 2.7.
ChrisA
[1] By analogy with SELinux
More information about the Python-Dev
mailing list