fix for security issue with python-21.el/python.el
fix for security issue with python-21.el/python.el


Author: Dave Love
Date: Sep 10, 2008 14:47

I got a second-hand report of a security problem with the way the
inferior interpreter works in my Python mode. There are patches to work
around it below for python-21.el (for Emacs 21) and python.el (for Emacs
22) as well as one which will apply against the forked mode from Emacs
22, although I wouldn't recommend using that version.

There's an explanation in the commentary added by the patch. I assume,
but don't know, that this is also appropriate for other systems like MS
Windows. I've only checked on GNU/Linux, and the Python documentation
says the module-loading behaviour is system-dependent.

The current versions of the mode are under
<URL:http://www.loveshack.ukfsn.org/emacs/>.

--- python-21.el 2008/02/23 14:38:13 1.59
+++ python-21.el 2008/09/10 09:59:25
@@ -1475,6 +1476,10 @@
default `python-command', or argument NEW is non-nil. See also the
documentation for `python-buffer'.

+Note that, as a security measure, modules won't be loaded from the
+current directory if this command is invoked initially in a
+world-writable directory.
+
Runs the hook `inferior-python-mode-hook'...
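Review bot: the added docstring states the restriction but not what triggers it or what the user can do about it: "invoked initially in a world-writable directory" leaves open whether the check runs only on the first start of the inferior process in a session or on every start, and which directory is examined. One more sentence in the `+` lines, e.g. which directory's permissions are inspected and that starting the interpreter from a directory writable only by the user restores the default module search, would make the behaviour predictable. Note also that the hunk header's `+1476` start (against `-1475`) implies an earlier one-line addition in this file that the excerpt does not show, and the code implementing the check is likewise outside these lines, so the security claim in the docstring cannot be checked from the hunk alone.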
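One way to model the workaround the post describes, as an added example in Python rather than Emacs Lisp (this is not code from python.el or the Emacs project, and the function names and the two constructed directories are my own): interactive Python puts the current directory on `sys.path`, so the startup check below drops that entry whenever the directory is world-writable.

```python
import os
import stat
import sys
import tempfile


def is_world_writable(path):
    """True when any local user may create files in PATH (other-write bit set)."""
    return bool(os.stat(path).st_mode & stat.S_IWOTH)


def strip_cwd_entries(search_path, cwd):
    """Return SEARCH_PATH without the entries that mean CWD ('', '.' or its path)."""
    target = os.path.realpath(cwd)
    kept = []
    for entry in search_path:
        if entry in ("", "."):
            continue  # interactive Python spells the cwd this way
        if os.path.realpath(entry) == target:
            continue  # some launchers add it as an absolute path instead
        kept.append(entry)
    return kept


def harden_sys_path(cwd=None):
    """Apply the check to the live interpreter; True if any cwd entry was dropped."""
    cwd = cwd or os.getcwd()
    if not is_world_writable(cwd):
        return False  # owner-controlled directory: keep Python's default behaviour
    before = len(sys.path)
    sys.path[:] = strip_cwd_entries(sys.path, cwd)
    return len(sys.path) != before


def self_check():
    """Exercise the check on two constructed directories; returns what was seen."""
    with tempfile.TemporaryDirectory() as root:
        safe = os.path.join(root, "safe")
        risky = os.path.join(root, "risky")
        os.mkdir(safe)
        os.mkdir(risky)
        os.chmod(safe, 0o755)    # owner-writable only
        os.chmod(risky, 0o1777)  # /tmp-style: the sticky bit does not stop new files
        return {
            "safe": is_world_writable(safe),
            "risky": is_world_writable(risky),
            "stripped": strip_cwd_entries(["", ".", risky, "/usr/lib/python3"], risky),
        }
```

Calling `harden_sys_path()` from the file named by `PYTHONSTARTUP` runs the check before any user import in an interactive session.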
Re: fix for security issue with python-21.el/python.el


Author: Dave Love
Date: Sep 15, 2008 04:40

I realize that to make diffs for the fixes I posted before, I
transferred edits from before I checked (and corrected!) them on a
different system to where the repo is; bother. Here are fixed patches
that don't produce a constant result from the test.

Full source is at <URL:http://www.loveshack.ukfsn.org/emacs/>.

--- python-21.el 2008/02/23 14:38:13 1.59
+++ python-21.el 2008/09/10 09:59:25
@@ -1475,6 +1476,10 @@
default `python-command', or argument NEW is non-nil. See also the
documentation for `python-buffer'.

+Note that, as a security measure, modules won't be loaded from the
+current directory if this command is invoked initially in a
+world-writable directory.
+
Runs the hook `inferior-python-mode-hook'...
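Review bot: this hunk is byte-identical to the one in the first post, down to the `2008/09/10 09:59:25` stamp on the `+++` line and the `@@ -1475,6 +1476,10 @@` header, so the correction the message describes (patches that no longer produce a constant result from the test) must be in a part of the diff the excerpt does not show; regenerate the diff against the corrected file so the `+++` header carries the new revision, and consider adding to the docstring what the test inspects, since "invoked initially in a world-writable directory" still leaves the trigger unspecified.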