diff options
| -rw-r--r-- | Demo/embed/demo.c | 15 | ||||
| -rw-r--r-- | Doc/c-api/intro.rst | 8 |
2 files changed, 16 insertions, 7 deletions
diff --git a/Demo/embed/demo.c b/Demo/embed/demo.c index 22bfaff4fd..dc8bcf04fc 100644 --- a/Demo/embed/demo.c +++ b/Demo/embed/demo.c @@ -20,10 +20,19 @@ main(int argc, char **argv) Py_Initialize(); /* Define sys.argv. It is up to the application if you - want this; you can also let it undefined (since the Python + want this; you can also leave it undefined (since the Python code is generally not a main program it has no business - touching sys.argv...) */ - PySys_SetArgv(2, args); + touching sys.argv...) + + If the third argument is true, sys.path is modified to include + either the directory containing the script named by argv[0], or + the current working directory. This can be risky; if you run + an application embedding Python in a directory controlled by + someone else, attackers could put a Trojan-horse module in the + directory (say, a file named os.py) that your application would + then import and run. + */ + PySys_SetArgvEx(argc, argv, 0); /* Do some application specific code */ printf("Hello, brave new world\n\n"); diff --git a/Doc/c-api/intro.rst b/Doc/c-api/intro.rst index 4b67912cf4..249610b456 100644 --- a/Doc/c-api/intro.rst +++ b/Doc/c-api/intro.rst @@ -519,12 +519,12 @@ the table of loaded modules, and creates the fundamental modules :mod:`builtins`, :mod:`__main__`, :mod:`sys`, and :mod:`exceptions`. It also initializes the module search path (``sys.path``). -.. index:: single: PySys_SetArgv() +.. index:: single: PySys_SetArgvEx() :cfunc:`Py_Initialize` does not set the "script argument list" (``sys.argv``). -If this variable is needed by Python code that will be executed later, it must -be set explicitly with a call to ``PySys_SetArgv(argc, argv)`` subsequent to -the call to :cfunc:`Py_Initialize`. +If this variable is needed by Python code that will be executed later, it must +be set explicitly with a call to ``PySys_SetArgvEx(argc, argv, updatepath)`` +after the call to :cfunc:`Py_Initialize`. On most systems (in particular, on Unix and Windows, although the details are slightly different), :cfunc:`Py_Initialize` calculates the module search path |