FYI:
On Leopard, "sudo" filters environment variables, including PYTHONPATH.
I have not tested this with MacPorts yet; I've been running MacPorts
as a "normal" user without sudo. Will this matter for MacPorts?
Running "sudo -V" as root shows sudo's settings; part of that is
environment variables that it will not pass on or that it will
check for dangerous content.
On Nov 2, 2007, at 2:59 PM, Boyd Waters wrote:
One work-around is to add this line to /etc/sudoers:
Defaults env_keep += "PYTHONPATH"
But that would involve editing a file in /etc as root.
Straightforward enough, but likely to get overwritten and what if
the user screws this up?
So Plan B -
what if you added something in a .pth file in /Library/Python/2.5/
site-packages that re-orders the sys.path?
Wouldn't that always work?
On Nov 2, 2007, at 2:49 PM, Boyd Waters wrote:
On Nov 2, 2007, at 10:16 AM, Brian Granger wrote:
First, if you have set PYTHONPATH to point
sys.path at the site-packages in /Library, this setting will be lost
when you do:
sudo python setup.py install
Ouch, another good one...
This is almost certainly not a bug, but rather a security feature.
The administrator can add a line to the sudoers file:
Defaults env_reset
that will reset the environment to only contain the variables
HOME, LOGNAME,
PATH, SHELL, TERM, and USER, preventing this attack.
_______________________________________________
macports-dev mailing list
macports-dev@lists.macosforge.org
http://lists.macosforge.org/mailman/listinfo/macports-dev
