A lot of functions called with the wrong set of arguments may have unexpected consequences ranging from slightly annoying, think os.mkdir('false'), to utterly catastrophic, think shutil.rmtree('/', True). Serious use of pytest-wish require operating-system level isolation, e.g. a dedicated user or even better a dedicated container.
Is there anything we can done to help users properly sandbox pytest-nodev, without adding tons of complexity?
Ideas:
[ ] Keep a blacklist of well known dangerous objects. [ongoing]
[ ] Only run when OS users are explicitly declared as safe, e.g. test presence of '~/.sandbox_user_safe_to_rm-rf_anything' file.
Adding full support for creating containers and running test inside them is the definitive answer, but it would need its own package.
The README says:
Is there anything we can done to help users properly sandbox pytest-nodev, without adding tons of complexity?
Ideas:
Adding full support for creating containers and running test inside them is the definitive answer, but it would need its own package.