Ok, I see. To be honest I read that as "keep your PYTHONPATH sane". I think that's a bit different from worrying about someone having write access to the source, but still related - point taken.
CVE-2008-5983 (https://bugs.python.org/issue5753) "Untrusted search path vuln... prepends an empty string to sys.path when the argv[0] argument does not contain a path separator"
Check out the "yes"es in the "fixed" column in comment at https://bugs.python.org/msg85966