Hi, I'm writing to seek a better understanding of how permissions should work in python on the Mac.
Out-of-the-MacPython-2.4-install box, files in /Library/Frameworks/ Python.framework/Versions/2.4/lib/python2.4 have permissions like these: -rw-rw-r-- 1 root admin 26255 Oct 18 01:39 zipfile.py -rw-rw-r-- 1 root admin 18931 Dec 6 22:14 zipfile.pyc -rw-rw-r-- 1 root admin 18931 Dec 6 22:14 zipfile.pyo In the site-packages directory, packages I installed (via macpython.com, e.g. numpy, Numeric, matplotlib, etc) have permissions like: drwxrwxr-x 41 501 admin 1394 Jul 5 20:11 Numeric/ drwxrwxr-x 157 501 admin 5338 Dec 9 20:57 matplotlib/ drwxr-xr-x 130 root admin 4420 Dec 7 04:39 numarray/ drwxrwxr-x 47 501 admin 1598 Oct 27 16:54 numpy/ drwxrwxr-x 6 501 admin 204 Oct 27 16:54 numpy-1.0-py2.4.egg- info/ -rw-rw-r-- 1 501 admin 31 Oct 26 06:26 pylab.py -rw-rw-r-- 1 501 admin 205 Oct 30 10:15 pylab.pyc -rw-rw-r-- 1 501 admin 205 Oct 30 10:15 pylab.pyo drwxrwxr-x 43 501 admin 1462 Sep 17 18:04 scipy/ drwxrwxr-x 6 501 admin 204 Sep 17 18:04 scipy-0.5.1- py2.4.egg-info/ drwxr-xr-x 10 bthom admin 340 Dec 7 01:33 setuptools-0.6c3- py2.4.egg/ -rw-r--r-- 1 bthom admin 29 Dec 7 01:33 setuptools.pth drwxrwxr-x 4 root admin 136 Jul 15 16:03 wx-2.6-mac-unicode/ -rw-r--r-- 1 root admin 18 Jul 15 16:03 wx.pth drwxr-xr-x 4 root admin 136 Jul 15 16:03 wxaddons/ -rw-r--r-- 1 root admin 17813 Jan 20 2006 wxversion.py Is there a reason why these packages have owner 501? And is there a reason why group have read access? I'd have thought the best way to install something that are supposed to work as-is would be to have root as owner, giving sole write permissions to owner. (Then to modify something, you'd have to sudo). I'm beginning to realize its not that simple. For instance, the first time I (w/admin privs) try and edit a file (e.g. zipfile.py), TextEdit asks if I'd like to overwrite the permissions on save. Saying yes overwrites the file. The disturbing thing is that on future opens (even after TextEdit's been closed) I am no longer asked; overwriting saves occur automatically. Fortunately, when I created another user w/o admin permissions, overwriting when logged in as this less priv'd user didn't seem to be an option. ...but I'd like to protect against myself (this is esp. true b/c I use ipython w/in xemacs w/%pdb on, so I'm often dumped into the editor w/a file like bpd.py). Some more poking in a package directory (e.g. matplotlib) shows permissions like: -rw-rw-r-- 1 root admin 40789 Oct 26 09:30 __init__.py -rw-r--r-- 1 bthom admin 39389 Dec 10 21:02 __init__.pyc -rw-rw-r-- 1 root admin 30134 Oct 30 10:15 __init__.pyo What's interesting here is that pyc is owned by me (perhaps b/c it was compiled via my first call to __init__.py). However, I'm pretty sure what I installed off macpython.com was binarys---so there should be no need to compile the files, right? Again, I (perhaps naively) would feel better if all of these files were owned by root (and that only root could override them). Security issues become even more important as students will be using python/ipython from the same machine. Perhaps I'm missing something really basic (would a Finder view to permissions provide better control?). Or perhaps the ability to not protect as tightly against myself as admin as I'd have liked is a "feature". What have others done wrt this issue? Thanks, --b _______________________________________________ Pythonmac-SIG maillist - Pythonmac-SIG@python.org http://mail.python.org/mailman/listinfo/pythonmac-sig
