Re: [exim-dev] Embedding Python

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Viktor Dukhovni
Date:  
À: exim-dev
Sujet: Re: [exim-dev] Embedding Python
On Mon, May 20, 2013 at 05:10:41PM -0400, Phil Pennock wrote:

> On 2013-05-20 at 11:02 -0700, Todd Lyons wrote:
> > Figured out the problem with using the list method for path
> > manipulation. My latest code is at:
> > http://git.exim.org/users/tlyons/exim.git
>
> I looked *very* briefly with:
>
> git diff e2658fff tlyons/master_volatile_python
>
> It looks good to me.
>
> > 2. If full path to python script is specified, it splits the path and
> > adds it to the system paths, then attempts to load it.
>
> This should be called out very clearly, perhaps even in the security
> section too, as it affects what code will be loaded into a root-run
> process and folks should know that they will be implicitly trusting
> everything in a directory from which they load code, not just the file
> that they load.


IIRC Python automatically adds the directory containing a script
to the search path for modules imported by *that* script. So it
should not be necessary to globally add the containing directory
to the search path, this can make other code more fragile by breaking
namespace boundaries. So if I am not mistaken, the system paths
should not be modified.

-- 
    Viktor.