GNU bug report logs - #70440
[PATCH] Use -P switch when calling 'python-interpreter'


Package: emacs;

Reported by: Augusto Stoffel <arstoffel <at> gmail.com>

Date: Wed, 17 Apr 2024 18:24:04 UTC

Severity: normal

Tags: patch



Message #26 received at 70440 <at> debbugs.gnu.org (full text, mbox):

From: Augusto Stoffel <arstoffel <at> gmail.com>
To: kobarity <kobarity <at> gmail.com>
Cc: 70440 <at> debbugs.gnu.org, Eli Zaretskii <eliz <at> gnu.org>
Subject: Re: bug#70440: [PATCH] Use -P switch when calling 'python-interpreter'
Date: Fri, 19 Apr 2024 08:08:43 +0200
[Message part 1 (text/plain, inline)]
On Fri, 19 Apr 2024 at 00:25, kobarity wrote:

> The -P switch is new, introduced in CPython 3.11, so I don't think it
> can be added unconditionally.  Furthermore, `python-interpreter' may
> not be CPython.  Isn't it enough to customize
> `python-interpreter-args'?

After sleeping on this, I recommend using -P anyway and simply failing
if the installed Python is too old.

The reason is that this has a security implication, similar to the
recent Org mode LaTeX preview situation.  Without -P the user is tacitly
trusting the contents of the current directory.  By tricking a user
into downloading a malicious file with an intentional name clash (say
via git pull), arbitrary code could in principle be executed on the
user's machine.

The -P switch completely removes this possibility, and conversely,
without -P there seems to be no reasonable way to make Python safe.

I've attached a new patch that informs the user why the commands failed
when Python is too old, which is good enough in my opinion.  Note also
that this change only affects the Python import management commands,
which is a very handy but by no means essential feature.

[0001-Use-P-switch-when-calling-python-interpreter.patch (text/x-patch, attachment)]
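
The following check is an added example, not part of this thread or of the attached patch. It shows the behaviour the message describes: a child interpreter started with `-c` resolves a module from its working directory, and stops doing so under `-P`, with the too-old-interpreter case detected first. The module name `local_shadow_probe` and the helper names are constructed for the example, and `sys.executable` stands in for `python-interpreter`.

```python
import os
import subprocess
import sys
import tempfile

PROBE = "local_shadow_probe"  # constructed module name, not a real package

# Child code: report where PROBE would be loaded from, without importing it.
CHILD = (
    "import importlib.util as u; "
    f"s = u.find_spec({PROBE!r}); "
    "print(s.origin if s else '')"
)


def run_child(args, cwd):
    """Run the interpreter with `args` inside `cwd`; return (returncode, stdout)."""
    # Drop PYTHONSAFEPATH so the baseline run is not already in safe-path mode.
    env = {k: v for k, v in os.environ.items() if k != "PYTHONSAFEPATH"}
    proc = subprocess.run([sys.executable, *args], cwd=cwd, env=env,
                          capture_output=True, text=True)
    return proc.returncode, proc.stdout.strip()


def supports_safe_path(cwd):
    """True if the interpreter accepts -P (CPython 3.11 or newer)."""
    returncode, _ = run_child(["-P", "-c", "pass"], cwd)
    return returncode == 0


def resolve_probe():
    """Report which file PROBE resolves to, without and with -P."""
    with tempfile.TemporaryDirectory() as workdir:
        # Constructed, harmless file standing in for an untrusted checkout.
        with open(os.path.join(workdir, PROBE + ".py"), "w") as fh:
            fh.write("# constructed placeholder, never executed\n")
        _, origin = run_child(["-c", CHILD], workdir)
        result = {"without_P": os.path.basename(origin), "with_P": None}
        if supports_safe_path(workdir):
            # Empty string means the working directory was not searched.
            result["with_P"] = run_child(["-P", "-c", CHILD], workdir)[1]
        return result


if __name__ == "__main__":
    print(resolve_probe())
```

A `with_P` value of `None` means the interpreter rejected the switch, which is the case the message proposes to report to the user rather than fall back to the unsafe path.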

This bug report was last modified 1 year and 59 days ago.
