The man page for Python (3.4 and 3.5) says:   -I     Run Python in isolated mode. This also implies  -E  and  -S.  In          isolated  mode  sys.path  contains neither the scripts directory          nor the users site-packages directory. All  PYTHON*  environment          variables are ignored, too.  Further restrictions may be imposed          to prevent the user from injecting malicious code.But the code says:-I     : isolate Python from the user's environment (implies -E and -s)and the code to handle -I does:        case 'I':            Py_IsolatedFlag++;            Py_NoUserSiteDirectory++;            Py_IgnoreEnvironmentFlag++;            break;where Py_NoUserSiteDirectory is the variable corresponding to the -s flagrather than the -S flag.  But it seems like -I should really imply both-s and -S.  So I am filing this bug primarily to find out whether or notit really should be both.  If so, great: a patch is attached; detailsbelow.  But if not, then the man page should be corrected.The rest of this is written under the assumption that -I should imply -Sas well as -s.Background: depending on which packages are installed on different Solarissystems, test_site passes or not.  Certain packages (e.g., dogpile.core,dogpile.cache, repoze.lru) that have a .pth file with "import types"which results in test_site.StartupImportTests failing because types hasbeen imported which is in the list of collections modules, none of whichare expected to be imported.  So we thought "well, -S should fix that"then noticed the man page saying -I implied -S which is how we got here.Tweaking the code and man page so -I does imply -S was trivial.  But threeother changes were needed:1. In test_site.py, test_startup_imports() asserted that 'site' was in the   list of modules that had been imported.  This is no longer true, so I   deleted the assert.2. test_inspect failed because of a name error, that turned out to be   inspect.py calling exit instead of sys.exit.  So the attached patch   corrects both of those.  This fix is probably generally applicable   even if the "-I should imply both -S and -s" assumption turns out to   be false.3. test_venv failed because it and the venv module were using -I to imply   -s and -E but not -S.  Changing three instances of "-Im" to "-Esm"   (one inLib/venv/__init__.py, the other two inLib/test/test_venv.py)   fixed this.  However, even if the "-I should imply both -S and -s"   assumption is true, this change may not be desirable in the general   case, but needed because of Solaris' hacky work-around forissue   1298835 not yet being fixed.'   I.e., we ship /usr/lib/python3.4/site-packages/vendor-packages.pth   with the one line:   import site; site.addsitedir('/usr/lib/python3.4/vendor-packages')   (likewise for other versions).   So this may not be desirable in general, but I mention it for the   sake of completeness.

Adding Christian Heimes to the nosy list; as the author of the fix forissue 16499, he seems an excellent person to answer the question andoffer advice on the approaches discussed herein.

The isolated mode implies -E (ignore env vars) and -s (don't add user site directory). The code and tests are correct, just the man page is wrong. The site module is still loaded in -I mode as it doesn't impose any security implications.I'd looks like I made a typo indd0d751cc7f1 and used upper case instead of lower case for python.man.

Thank you very much for clarifying that.  I have updated the bug Titleaccordingly.

New changesetd774401879d8 by Ned Deily in branch '3.4':Issue#24077: Fix typo in man page for -I command option: -s, not -S.https://hg.python.org/cpython/rev/d774401879d8New changeset493b3310d5d0 by Ned Deily in branch 'default':Issue#24077: merge from 3.4https://hg.python.org/cpython/rev/493b3310d5d0

Thanks for the report, John!