From the course: Secure Coding in Python

Installing software with due caution - Python Tutorial

From the course: Secure Coding in Python

Start my 1-month free trial

Installing software with due caution

- [Instructor] A good rule of thumb when exploring new open source technologies is to ask yourself, "Would I pay $1,000 of my own money "to have this software in my project?" Associating free with a cost can sometimes help us declutter our software stack. While many packages and extensions can help us secure our application, there are others that simply add bloat to our project and the more clutter we have in our application, the greater the attack surface is and the more vulnerable we become to attacks. That being said, in order to have a Python project, you need a working installation of Python. So let's go ahead and download it. At the time of this recording, the official website for Python is python.org. Now it's important to check the spelling of the URL. There have been times when hackers bought domains that are similar to the domains of open source packages and developers then innocently downloaded very malicious software ending in catastrophic results. So I see python.org spelled correctly, and it's also important to keep in mind that we're downloading this via HTTPS. So at the time of this recording, Chrome is indicating that the connection is secure using the lock icon to the left of the URL. So if I go over to the download section, I will see that at the time of this recording, the latest version is 3.8.3. I'm going to go ahead and download it. Next, I'll click to unpack it. And I have a few steps to go through the installation, I'll click through and through. Agree. I'll be prompted for my password. Great. And that should be all. I'll click okay to move the installer to the trash. Now that we have Python installed, let's take a look at safe package installation and management.

Contents