[Twisted-Python] Question regarding widgets
waterbug at beeblebrox.gsfc.nasa.gov
Wed Nov 6 01:09:58 EST 2002
Moshe Zadka wrote:
> On Tue, 05 Nov 2002, Alex <spam at polynode.com> wrote:
> > If you're building an app in c:\webapp, and you run twistd from that
> > directory, then 'c:\webapp' should be part of sys.path. The reason for
> > this is that '.' is part of sys.path, and if you're running twistd in
> > c:\webapp, then '.' == 'c:\webapp'.
> That's not correct, "." is never on your path (that'd be a serious security
> whole). The directory in which the script you run is on your path.
How is having "." on your PYTHONPATH a serious security hole?
(Of course it shouldn't be on _root_'s PYTHONPATH, but how is
it bad for a regular user?)
More information about the Twisted-Python