mirror of
https://fuchsia.googlesource.com/third_party/github.com/pylint-dev/pylint
synced 2024-09-21 07:58:04 +00:00
51c646bf70
``python -m pylint ...`` adds the current working directory as the first element of ``sys.path``. This opens up a potential security hole where ``pylint`` will import user level code as long as that code resides in modules having the same name as stdlib or pylint's own modules. Close #3386
20 lines
586 B
Python
20 lines
586 B
Python
# Licensed under the GPL: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
|
# For details: https://github.com/PyCQA/pylint/blob/master/COPYING
|
|
|
|
#!/usr/bin/env python
|
|
import os
|
|
import sys
|
|
|
|
import pylint
|
|
|
|
# Strip out the current working directory from sys.path.
|
|
# Having the working directory in `sys.path` means that `pylint` might
|
|
# inadvertently import user code from modules having the same name as
|
|
# stdlib or pylint's own modules.
|
|
# CPython issue: https://bugs.python.org/issue33053
|
|
if sys.path[0] == "" or sys.path[0] == os.getcwd():
|
|
sys.path.pop(0)
|
|
|
|
|
|
pylint.run_pylint()
|