[Python-Dev] PEP 466: Proposed policy change for handling network security enhancements (original) (raw)
Chris Angelico rosuav at gmail.com
Mon Mar 24 01:38:01 CET 2014
- Previous message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Next message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, Mar 24, 2014 at 11:03 AM, Barry Warsaw <barry at python.org> wrote:
Python 2.7.x will always be the "standard stdlib". We would never release a specific Python 2.7 + "security stdlib" release, but downstream developers would be able to overlay this forked stdlib on top of the standard one. Volunteers or corporate sponsors could distribute binary installers with this combination of pure Python 2.7 language + "security enhanced stdlib", and Linux distros could do the necessary building and distributing for their own platforms if they so desired.
The trick is what do you call this new combination, how do you invoke it, and how do you keep it distinct and independent of the system's standard Python 2.7?
Easy. Just set PYTHONPATH to import the SEPython [1] lib ahead of the standard lib. Then you can go back to the standard 2.7 (if you want to) by unsetting PYTHONPATH.
It'd be nice if SEPython defined a modified sys.version for clarity, but otherwise, it'd be a vanilla Python 2.7.
ChrisA
[1] By analogy with SELinux
- Previous message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Next message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]