Dino Viehland wrote:
Michael wrote:
Curt Hagenlocher wrote:
In principle, allowing unprivileged users to install code into a
location where it can unknowingly be accessed by privileged users is a
security problem. A "per-user" approach is the right one.
Unknowingly?
I've just installed some software. Installing that software required that
I elevate to admin and left that software in a typically global location
on my machine (either C:\... or C:\Program Files\...) where my normal user
account does not have writes to access.
What's the least surprising - that the global location is now suddenly
writable or that the global location remains writable only be
administrators?
Your answer seems orthogonal to the question I asked.
As you answered my question with a question perhaps I can do the same:
A user has an installed version of Python and an installed version of
IronPython. He wishes to install a library for both IronPython and
Python so he runs:
python setup.py install
ipy.exe setup.py install
The first succeeds, naturally. Are you saying that it would be *more*
surprising if the second succeeded?
Unfortunately at the moment it fails silently, but an "access denied"
error would not be much more helpful.
All the best,
Michael
_______________________________________________
Users mailing list
Users@lists.ironpython.com
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
--
http://www.ironpythoninaction.com/
http://www.voidspace.org.uk/blog
_______________________________________________
Users mailing list
Users@lists.ironpython.com
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com