languages/cpython
languages/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython synced 2024-10-14 21:15:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

bpo-35755: Remove current directory from posixpath.defpath (GH-11586)

Browse source 
Document the change in a NEWS entry of the Security category.
This commit is contained in:
Victor Stinner 2019-04-17 17:05:30 +02:00 committed by GitHub
parent 228a3c99bd
commit 2c4c02f8a8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Lib/posixpath.py
View file

@ -18,7 +18,7 @@
extsep = '.'
sep = '/'
pathsep = ':'
defpath = ':/bin:/usr/bin'
defpath = '/bin:/usr/bin'
altsep = None
devnull = '/dev/null'

5
Misc/NEWS.d/next/Security/2019-01-17-10-03-48.bpo-35755.GmllIs.rst Normal file
View file

@ -0,0 +1,5 @@
:func:`shutil.which` now uses ``os.confstr("CS_PATH")`` if available and if the
:envvar:`PATH` environment variable is not set. Remove also the current
directory from :data:`posixpath.defpath`. On Unix, :func:`shutil.which` and the
:mod:`subprocess` module no longer search the executable in the current
directory if the :envvar:`PATH` environment variable is not set.