Relative PYTHONPATH in the docs
|Reported by:||alexkon||Owned by:|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
In at least one place in the documentation you explicitly recommend setting the PYTHONPATH environment variable to a relative path:
PYTHONPATH=.. ./runtests.py --settings=settings generic_relations i18n
There is an obvious security risk associated with relative paths.
- Change the above line to something like PYTHONPATH=`pwd`/..
- Add a warning everywhere in the docs where you mention setting the PYTHONPATH variable that for security reasons it must contain absolute paths only.
Change History (7)
comment:1 Changed 6 years ago by jacob
- Needs documentation unset
- Needs tests unset
- Owner jacob deleted
- Patch needs improvement unset