Issue #16400: Add command line option for isolated mode.
-I
Run Python in isolated mode. This also implies -E and -s. In isolated mode
sys.path contains neither the script’s directory nor the user’s
site-packages directory. All PYTHON* environment variables are ignored,
too. Further restrictions may be imposed to prevent the user from
injecting malicious code.
diff --git a/Python/sysmodule.c b/Python/sysmodule.c
index 754bcfe..72004f8a 100644
--- a/Python/sysmodule.c
+++ b/Python/sysmodule.c
@@ -1369,6 +1369,7 @@
{"bytes_warning", "-b"},
{"quiet", "-q"},
{"hash_randomization", "-R"},
+ {"isolated", "-I"},
{0}
};
@@ -1376,7 +1377,7 @@
"sys.flags", /* name */
flags__doc__, /* doc */
flags_fields, /* fields */
- 12
+ 13
};
static PyObject*
@@ -1406,6 +1407,7 @@
SetFlag(Py_BytesWarningFlag);
SetFlag(Py_QuietFlag);
SetFlag(Py_HashRandomizationFlag);
+ SetFlag(Py_IsolatedFlag);
#undef SetFlag
if (PyErr_Occurred()) {
@@ -1944,7 +1946,7 @@
void
PySys_SetArgv(int argc, wchar_t **argv)
{
- PySys_SetArgvEx(argc, argv, 1);
+ PySys_SetArgvEx(argc, argv, Py_IsolatedFlag == 0);
}
/* Reimplementation of PyFile_WriteString() no calling indirectly