21 changes: 11 additions & 10 deletions src/manage/aliasutils.py
Expand Up @@ -10,19 +10,20 @@

DEFAULT_SITE_DIRS = ["Lib\\site-packages", "Scripts"]

# Our script removes sys.path[0] if empty to avoid trivial search path hijacks.
# In virtually all cases it should be the directory where our scripts are
# generated, which has no importable packages (unless there are unauthorised
# modifications, which are out of scope for our security threat model).
# We don't try to be any more clever, since we don't know what kind of
# interpreter we are running inside - this script may be generated for any
# arbitrary executable installed by PyManager, and so it's possible that
# sys.path[0] is already sanitised or entirely unrelated.

SCRIPT_CODE = """import sys

# Clear sys.path[0] if it contains this script.
# Be careful to use the most compatible Python code possible.
try:
if sys.path[0]:
if sys.argv[0].startswith(sys.path[0]):
sys.path[0] = ""
else:
open(sys.path[0] + "/" + sys.argv[0], "rb").close()
sys.path[0] = ""
except OSError:
pass
if not sys.path[0]:
del sys.path[0]
except AttributeError:
pass
except IndexError:
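Review bot: The comment block above `SCRIPT_CODE` says sys.path[0] is removed "if empty" but never says why an empty entry is the dangerous one, and its next sentence describes the non-empty script directory, which the check leaves in place. A reader can come away believing the script directory is what gets removed. The +/- markers are lost on this page, so I am reading `if not sys.path[0]:` followed by `del sys.path[0]` as the new side of the change. I would open the comment with `# An empty sys.path[0] makes imports resolve from the current working directory,` and `# so the generated script deletes it; a non-empty entry is left untouched.`, and keep the remaining sentences as the reason for not attempting more. The `try` statement continues past the end of the hunk, so the `except IndexError:` body is not visible here.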