3 files changed, 13 insertions, 4 deletions

diff --git a/Demo/embed/Makefile b/Demo/embed/Makefile
index 857b5e5..711b95b 100644
--- a/Demo/embed/Makefile
+++ b/Demo/embed/Makefile
@@ -22,7 +22,7 @@ CPPFLAGS=	$(INCLUDES)
 LIBPYTHON=	$(blddir)/libpython$(VERSION).a
 
 # XXX edit LIBS (in particular) to match $(blddir)/Modules/Makefile
-LIBS=		-lnsl -ldl -lreadline -ltermcap -lieee -lpthread -lutil
+LIBS=		-lnsl -ldl -lreadline -lieee -lpthread -lutil
 LDFLAGS=	-Xlinker -export-dynamic
 SYSLIBS=	-lm
 MODLIBS=	
diff --git a/Demo/embed/demo.c b/Demo/embed/demo.c
index 22bfaff..99d39ca 100644
--- a/Demo/embed/demo.c
+++ b/Demo/embed/demo.c
@@ -22,8 +22,17 @@ main(int argc, char **argv)
     /* Define sys.argv.  It is up to the application if you
        want this; you can also let it undefined (since the Python
        code is generally not a main program it has no business
-       touching sys.argv...) */
-    PySys_SetArgv(2, args);
+       touching sys.argv...)
+
+       If the third argument is true, sys.path is modified to include
+       either the directory containing the script named by argv[0], or
+       the current working directory.  This can be risky; if you run
+       an application embedding Python in a directory controlled by
+       someone else, attackers could put a Trojan-horse module in the
+       directory (say, a file named os.py) that your application would
+       then import and run.
+    */
+    PySys_SetArgvEx(2, args, 0);
 
     /* Do some application specific code */
     printf("Hello, brave new world\n\n");
diff --git a/Demo/embed/loop.c b/Demo/embed/loop.c
index 2f7fe62..4a341fd 100644
--- a/Demo/embed/loop.c
+++ b/Demo/embed/loop.c
@@ -19,7 +19,7 @@ main(int argc, char **argv)
         count = atoi(argv[2]);
     }
 
-    Py_SetProgramName(argv[0]);
+    Py_SetProgramName(L"loop");
 
     /* uncomment this if you don't want to load site.py */
     /* Py_NoSiteFlag = 1; */