I recently had some problems learning Python, with a file I wanted to import into another program file. I managed to resolve the problem using PYTHONPATH, but this feels a bit clumsy for regular programming. I wrote the following function to make managing my library directories easier.
import os
import sys
def getPathList():
home_dir = os.path.expanduser(“~”)
home_dir = home_dir + ‘/’
try:
home_dir = home_dir + “libPathList”
file = open(home_dir, “r”)
while True :
line = file.readline()
if line == ‘’:
break # Break the loop at end of file
if line[0] == “#” :
continue # If the line begins with a hash character (#)
# it’s a comment, continue with the next line.
newDir = home_dir + line # Create newDir as home_dir
# combined with line.
# Line is supposed to be the
# relative path to a python
# library the user has created.
sys.path.append(newDir) # Append the library directory
# to sys.path.
except FileNotFoundError:
# The file libPathList does not exist in the home directory
# of the user. Ignore it and do not modify the library search path.
pass
As you probably can see, it looks for a file named “libPathList” in the home directory of the user. If the file exists, it excludes any comment (any file that begins with a # character) and add other lines to the library search path. If the file does not exists, nothing is changed.
This makes it very easy to add and remove private program libraries, and I like this solution. I realized that this might be helpful to more people than me, so what do you think of this function as an addition to the sys or os packages?
replace home_dir = os.path.expanduser(“~”) with home_dir = pathlib.Path.home(). No big deal.
Why import tomllib to scan a file unlikely to grow to over 100 lines? This is 50 directories used as python libraries with one comment each.
Using PYTHONPATH is just another way to modify sys.path. Why should that be OK, and my method be something i’m “likely not what you want to do”? Looks like a silly argument to me.
This would be an automatic privileged escalation vulnerability if someone runs Python with say sudo without -H since an unprivileged user would be allowed to extend the search path of and then inject .pth files into a privileged process.
PYTHONPATH should feel ad-hoc since that’s exactly what any form of package management without the package manager is. If it’s not enough for you then you’d be better off learning to build projects you can then install in editable mode.
If this is correct, then why is sys.path.append() a part of the sys.path module? I’m certainly not the only one who can misuse it. If it’s that dangerous, I would expect that it has been withdrawn or is in the process of being withdrawn.
Sorry, but if sys.path is not a module it looks like sys is a module with path as a built in part. My question is still if sys.path.append() reaky is dangerous to use, and in that case why?
It’s not unconditionally dangerous. You can add paths that have equivalent access the rest of the environment. You can not have multiple users. You can not use Python with elevated privileges. You can have other, easier ways for write access to become privileged execute access without sys.path’s help. Or you can just not care.
Odds are that all of those are true for most people but they’re not true for say a web server so Python can have sys.path.append() and people can use it without bad things necessarily happening but Python itself can’t get away with new default-on behaviour that assumes low security requirements.
I’m always depressed by how many Windows users, whenever something doesn’t work, they’ll try blindly rerunning it as admin as a first point of debugging – even if the issue isn’t a permissions one. That’s how trivial achieving privilege escalation is for everday users. But open source is held to the security standard of its most paranoid users, not its average.
I’m reasonably paranoid as well. That is why I designed the function to be placed in a users home directory, and to only accept directories that are subdirectories of the home directory of the user in question. I’m to about 80% a Unix/Linux guy, and that makes it safe in a Unix environment. Unix and Linux are basically bullet proof as long as you run as an ordinary user.
Running any software as admin in Windows, or as root in Unix and Linux, is basically dangerous. No software should run with that much privilege unless it is absolutely necessary. But I cannot see how the design of any programming language or library can protect against stupidity. And I have a Master of Science degree in Computer Science, and have studied operating systems extensively. (I’m interested in computer security and reliability.) I believe that I should have known about any kind of software with that capability. It does not exists in Windows, neither in Unix, Linux, or in MVS or VM/CMS (two operating systems running on IBM mainframes).
I have continued to experiment with my code, using it in a project. This forced me to discover a few glitches who remained in my code. My most recent version now look like this:
____________________________________________________________________________
import os
import sys
import pathlib
sys.path.append(“/home/osj/programmering/Python/lib”)
def getPathList():
home_dir = pathlib.Path.home()
try:
home_dir = home_dir / “libPathList”
file = open(home_dir, “r”)
home_dir = pathlib.Path.home() # Reset home_dir to home_dir
while True :
line = file.readline()
if line == ‘’:
break # Break the loop at end of file
if line[0] == “#” :
continue # If the line begins with a hash character (#)
# it’s a comment, continue with the next line.
newDir = home_dir / line # Create newDir as home_dir
# combined with line.
# Line is supposed to be the
# relative path to a python
# library the user has created.
newDir = newDir.as_posix() # Convert newDir to a string
sys.path.append(newDir.strip(‘\n’)) # Append the library directory
# to sys.path. Strip away any
# newline characters.
except FileNotFoundError:
# The file libPathList does not exist in the home directory
# of the user. Ignore it and do not modify the library search path.
pass