summaryrefslogtreecommitdiffstats
path: root/Doc/library/security_warnings.rst
diff options
context:
space:
mode:
authorVictor Stinner <vstinner@python.org>2022-05-06 02:53:00 (GMT)
committerGitHub <noreply@github.com>2022-05-06 02:53:00 (GMT)
commit5f29268283aba12d4f2c83cab4966286e0ac5128 (patch)
tree9a89d91965ee5ee8d9d6e76e071e2181d521f089 /Doc/library/security_warnings.rst
parent329afe78c3bbc234492a53f7a4084d07e215a077 (diff)
downloadcpython-5f29268283aba12d4f2c83cab4966286e0ac5128.zip
cpython-5f29268283aba12d4f2c83cab4966286e0ac5128.tar.gz
cpython-5f29268283aba12d4f2c83cab4966286e0ac5128.tar.bz2
gh-57684: Document safe path in What's New in Python 3.11 (#92362)
Mention also -P and PYTHONSAFEPATH in the Security Considerations page.
Diffstat (limited to 'Doc/library/security_warnings.rst')
-rw-r--r--Doc/library/security_warnings.rst6
1 files changed, 6 insertions, 0 deletions
diff --git a/Doc/library/security_warnings.rst b/Doc/library/security_warnings.rst
index 26b015c..f985dc4 100644
--- a/Doc/library/security_warnings.rst
+++ b/Doc/library/security_warnings.rst
@@ -32,3 +32,9 @@ The following modules have specific security considerations:
* :mod:`xml`: :ref:`XML vulnerabilities <xml-vulnerabilities>`
* :mod:`zipfile`: :ref:`maliciously prepared .zip files can cause disk volume
exhaustion <zipfile-resources-limitations>`
+
+The :option:`-I` command line option can be used to run Python in isolated
+mode. When it cannot be used, the :option:`-P` option or the
+:envvar:`PYTHONSAFEPATH` environment variable can be used to not prepend a
+potentially unsafe path to :data:`sys.path` such as the current directory, the
+script's directory or an empty string.