[satyenr]

Download and run code written by strangers without understanding what it does — what could possibly go wrong?

https://www.zdnet.com/article/two-malicious-python-libraries...

Ironic that this was published today. :-)

[janpot]

> Download and run code written by strangers without understanding what it does

Like a web browser does?

[tyingq]

There's certainly a risk difference with code that runs in a reasonably well thought out sandbox.

[satyenr]

That — and I am not a big fan of browsers getting more and more access to the hardware/OS over time.

[mark-r]

That means being beholden to native apps on every platform if you want to do anything at a lower level. I'm not sure that's a better solution.