diff options
| author | Stefan Monnier <monnier@iro.umontreal.ca> | 2010-11-17 10:00:16 -0500 |
|---|---|---|
| committer | Stefan Monnier <monnier@iro.umontreal.ca> | 2010-11-17 10:00:16 -0500 |
| commit | bac2de0fe3fadd8c5642b6a61aa89d245850bed3 (patch) | |
| tree | 018be5921e26b6703fcff0db4176800dd00757fa /lisp | |
| parent | c04f2ac06346dcdf6046d3c1612e843da17f3bd2 (diff) | |
| download | emacs-bac2de0fe3fadd8c5642b6a61aa89d245850bed3.tar.gz | |
* lisp/progmodes/python.el (run-python): Explain why we remove the current
directory from sys.path. Suggested by Eric Hanchrow <erich@cozi.com>.
Diffstat (limited to 'lisp')
| -rw-r--r-- | lisp/ChangeLog | 3 | ||||
| -rw-r--r-- | lisp/progmodes/python.el | 5 |
2 files changed, 8 insertions, 0 deletions
diff --git a/lisp/ChangeLog b/lisp/ChangeLog index 2b137af08d9..85b003d67f6 100644 --- a/lisp/ChangeLog +++ b/lisp/ChangeLog @@ -1,5 +1,8 @@ 2010-11-17 Stefan Monnier <monnier@iro.umontreal.ca> + * progmodes/python.el (run-python): Explain why we remove the current + directory from sys.path. Suggested by Eric Hanchrow <erich@cozi.com>. + * progmodes/grep.el (grep-regexp-alist): Tighten the regexp (bug#7378). 2010-11-16 Stefan Monnier <monnier@iro.umontreal.ca> diff --git a/lisp/progmodes/python.el b/lisp/progmodes/python.el index d2bb82e0580..a19445f47f5 100644 --- a/lisp/progmodes/python.el +++ b/lisp/progmodes/python.el @@ -1586,6 +1586,11 @@ buffer for a list of commands.)" (with-current-buffer (let* ((cmdlist (append (python-args-to-list cmd) + ;; It's easy for the user to cause the process to be + ;; started without realizing it (e.g. to perform + ;; completion); for this reason loading files from the + ;; current directory is a security risk. See + ;; http://article.gmane.org/gmane.emacs.devel/103569 '("-i" "-c" "import sys; sys.path.remove('')"))) (path (getenv "PYTHONPATH")) (process-environment ; to import emacs.py |