diff options
Diffstat (limited to 'Doc/library/security_warnings.rst')
| -rw-r--r-- | Doc/library/security_warnings.rst | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/Doc/library/security_warnings.rst b/Doc/library/security_warnings.rst index 26b015c..f985dc4 100644 --- a/Doc/library/security_warnings.rst +++ b/Doc/library/security_warnings.rst @@ -32,3 +32,9 @@ The following modules have specific security considerations: * :mod:`xml`: :ref:`XML vulnerabilities <xml-vulnerabilities>` * :mod:`zipfile`: :ref:`maliciously prepared .zip files can cause disk volume exhaustion <zipfile-resources-limitations>` + +The :option:`-I` command line option can be used to run Python in isolated +mode. When it cannot be used, the :option:`-P` option or the +:envvar:`PYTHONSAFEPATH` environment variable can be used to not prepend a +potentially unsafe path to :data:`sys.path` such as the current directory, the +script's directory or an empty string. |