One of the wonderful things about Python is the ease with which you can start writing a script - just drop some code into a .py file, and run python my_file.py. Similarly it’s easy to get started with modularity: split my_lib.py, and you can import my_lib from my_app.py and start organizing your code into modules.
Python needs a safe space to load code from
Your “Downloads” folder isn’t safe
Composing the attack
If you’re running a Python application that’s been installed properly on your computer, the only location outside of your Python install or virtualenv that will be automatically added to your sys.path (by default) is the location where the main executable, or script, is installed.
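The check below is an added example, not code from the original post: it lists the sys.path directories that fall outside the Python install or virtualenv and reports which files there would be imported in place of a module you expected. The function names are hypothetical, and treating only sys.prefix and sys.base_prefix as trusted is an assumption.

```python
import sys
from importlib.machinery import all_suffixes
from pathlib import Path

def untrusted_entries(path_entries, trusted_roots):
    """Return sys.path directories that lie outside every trusted root."""
    roots = [Path(r).resolve() for r in trusted_roots]
    found = []
    for entry in path_entries:
        d = Path(entry or ".").resolve()  # '' means the current directory
        if d.is_dir() and not any(d == r or r in d.parents for r in roots):
            found.append(d)
    return found

def shadowing_files(directory, module_names):
    """List entries in `directory` that `import <name>` would load for a listed name."""
    suffixes = tuple(all_suffixes())  # .py, .pyc and the platform's extension suffixes
    hits = []
    for child in sorted(Path(directory).iterdir()):
        name = child.name.split(".")[0]
        if child.is_dir():
            importable = (child / "__init__.py").is_file()  # regular package
        else:
            importable = child.name.endswith(suffixes)
        if importable and name in module_names:
            hits.append(child.name)
    return hits

def audit(path_entries, trusted_roots, module_names):
    """Map each untrusted sys.path directory to the module names it would shadow."""
    return {str(d): shadowing_files(d, module_names)
            for d in untrusted_entries(path_entries, trusted_roots)}

if __name__ == "__main__":
    # Assumption: only the interpreter install and the active virtualenv are trusted.
    trusted = {sys.prefix, sys.base_prefix}
    # Assumption: standard-library names are the ones worth checking (Python 3.10+).
    names = getattr(sys, "stdlib_module_names", frozenset())
    for directory, hits in audit(sys.path, trusted, names).items():
        print(f"{directory}: outside the install; shadows {hits or 'nothing'}")
```

Run it as a script from the directory you are about to work in; any directory it prints is one whose contents Python will treat as importable code.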