best way to ensure './' is at beginning of sys.path?
Cameron Simpson
cs at zip.com.au
Fri Feb 3 20:07:44 EST 2017
On 03Feb2017 17:21, Wildman <best_lay at yahoo.com> wrote:
>On Sat, 04 Feb 2017 09:25:42 +1100, Cameron Simpson wrote:
>> Also, what you describe with rc.local wouldn't work anyway, even if it had
>> ben
>> what was asked.
>
>Of course, you are correct. I don't know where my head
>was. I think my tongue got in front of my eye teeth and
>I could not see what I was saying. :-)
>
>If anyone is interested the correct way is to add this to
>/etc/profile (at the bottom):
>
>PATH=$PATH:./
>export PATH
Indeed. But this should usually be accompanied by the advice that this isn't a
good idea. Having one's commands at the mercy of whatever directory one is
standing in is a recipe for being subverted. While the risk is lessened by
having "." at the end of the search path, that just means the attacker (==
other user of this system) has to name their trojan horse commands after typing
errors, such as the ever popular "gerp" search programme.
Even with Python I'd feel it is better to not have "." in the sys.path; I'd be
happier with a full path to a preferred source of modules. (Yes, I know Python
likes to search the current directory for modules, notmy favourite feature.)
Cheers,
Cameron Simpson <cs at zip.com.au>
More information about the Python-list
mailing list