Re: PYTHONHTTPSVERIFY env var
[Posted May 13, 2015 by corbet]
| From: |
| Nick Coghlan <ncoghlan-AT-gmail.com> |
| To: |
| Donald Stufft <donald-AT-stufft.io> |
| Subject: |
| Re: PYTHONHTTPSVERIFY env var |
| Date: |
| Tue, 12 May 2015 21:19:55 +1000 |
| Message-ID: |
| <CADiSq7fCAfMb+G6FZq+WiTraMdicSr6wi+YfyoaAMw0wpTP78Q@mail.gmail.com> |
| Cc: |
| python-dev <python-dev-AT-python.org>, "M.-A. Lemburg" <mal-AT-egenix.com> |
| Archive‑link: | |
Article |
On 12 May 2015 at 21:17, Nick Coghlan <ncoghlan@gmail.com> wrote:
> Both of those make sense to me as cases where the environment variable
> based security downgrade approach is the "least bad" answer available,
> which is why I eventually agreed it should be one of the
> recommendations in the PEP.
It occurs to me that the subtitle of PEP 493 could be "All software is
terrible, but it's often a system administrator's job to make it run
anyway" :)
Cheers,
Nick.
--
Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia
