On 05.02.2013 02:36, Nick Coghlan wrote: > Something that caught my attention in the recent security discussions > is the observation that one of the most common insecure practices in > the Python community is to run "sudo pip" with unsigned packages > (sometimes on untrusted networks). > > To my mind, this is a natural reaction to the user experience of pip: > you run "pip install package", it complains it can't write to the > system site packages directory, so you run "sudo pip install package" > to give it the permissions it clearly wants. > > If pip used the user site packages by default (when running as anyone > other than root), that dangerous UI flow wouldn't happen. Even when > pip was run outside a virtualenv, it would "just work" from the users > perspective. It also has the advantage of keeping systems cleaner by > default, since there will be a clear separation between system > packages and pip-installed packages. > > Thoughts?
-1. You'd be hiding a real problem by not telling the user that there's a permission problem to think about. Apart from that it's also not possible to do permission separation when everything is installed under the user account, e.g. it would be easy for malicious setup.pys to overwrite parts of the already installed modules with versions that contain nasty hooks, etc. The latter is what eventually killed the moin installations on wiki.python.org. The plugins directory was writeable by the user and the whole situation very similar to the user packages setup you are describing above. -- Marc-Andre Lemburg eGenix.com Professional Python Services directly from the Source (#1, Feb 05 2013) >>> Python Projects, Consulting and Support ... http://www.egenix.com/ >>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/ >>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/ ________________________________________________________________________ ::::: Try our mxODBC.Connect Python Database Interface for free ! :::::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/ _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
