#5753: update demo.c to use PySys_SetArgvEx(), and add a comment

author Andrew M. Kuchling <amk@amk.ca>

Fri, 11 Jun 2010 00:16:08 +0000 (00:16 +0000)

committer Andrew M. Kuchling <amk@amk.ca>

Fri, 11 Jun 2010 00:16:08 +0000 (00:16 +0000)
author Andrew M. Kuchling <amk@amk.ca>
Fri, 11 Jun 2010 00:16:08 +0000 (00:16 +0000)
committer Andrew M. Kuchling <amk@amk.ca>
Fri, 11 Jun 2010 00:16:08 +0000 (00:16 +0000)
diff --git a/Demo/embed/demo.c b/Demo/embed/demo.c

index 55bc8087d693671b2606fa5ecc1468e3dbd797b1..00c5a0e66e022da742bbc961e53de6d49e7eb94e 100644 (file)
--- a/Demo/embed/demo.c
+++ b/Demo/embed/demo.c
@@ -16,10 +16,19 @@ main(int argc, char **argv)
      initxyzzy();
  
      /* Define sys.argv.  It is up to the application if you
-       want this; you can also let it undefined (since the Python
+       want this; you can also leave it undefined (since the Python
         code is generally not a main program it has no business
-       touching sys.argv...) */
-    PySys_SetArgv(argc, argv);
+       touching sys.argv...) 
+
+       If the third argument is true, sys.path is modified to include
+       either the directory containing the script named by argv[0], or
+       the current working directory.  This can be risky; if you run
+       an application embedding Python in a directory controlled by
+       someone else, attackers could put a Trojan-horse module in the
+       directory (say, a file named os.py) that your application would
+       then import and run.
+    */
+    PySys_SetArgvEx(argc, argv, 0);
  
      /* Do some application specific code */
      printf("Hello, brave new world\n\n");
author	Andrew M. Kuchling <amk@amk.ca>
	Fri, 11 Jun 2010 00:16:08 +0000 (00:16 +0000)
committer	Andrew M. Kuchling <amk@amk.ca>
	Fri, 11 Jun 2010 00:16:08 +0000 (00:16 +0000)