[Python-Dev] 3.5 release schedule PEP
Steve Dower
Steve.Dower at microsoft.com
Wed Sep 24 23:29:25 CEST 2014
> Mike Miller wrote:
> Paul Moore wrote:
>>> One thing that I presume would be an issue. Isn't Program Files
>>> protected in newer versions of Windows?
>
> Yes, that's the feature that protects from malicious users/code editing "import
> os" to run "format c:\", spam your address book, or look for credit card
> numbers, etc.
>
> It is the same on Mac and other Unix systems, even Windows since Vista came out,
> almost 10 years ago.
>
>>
>> This is my main concern. Until pip install --user is the default (or
>> the fallback if there are no write permissions on the destination),
>>> real-life experience, certainly. But I would suggest carefully
>>> checking before making the switch.
>
> Windows users know how to elevate now, especially developer types.
Sure, but there are plenty of not-quite developer types using Python, plenty using locked down machines, and plenty who simply don't trust arbitrary code when it wants to elevate. The ability to become an admin does not preclude the need to support non-admin users.
> It should be billed as a "feature for your protection" not something to be
> feared. Microsoft decided security was worth the pain of changing over its
> billions of users. Why not Python?
>
> In my experience pip --user works just fine also. We use it on our unmanned
> media players successfully.
This is good to know. Maybe we aren't as far away as we think.
> We also write Windows services, which run under a system account, where it is
> imperative everything is running from a secure file system.
>
>> A good reason to decide early on a change like this,
>> or at least to promote it as an option in 3.5 and make it the default in 3.6.
>
> It's already an option! It always has been --> Custom install. I can't remember
> a time when it didn't work perfectly.
Agreed. I mean it'll become an obvious option (one of the radio buttons at the start), and eventually the default option.
As a slight aside, do you enable the option to compile PYC/PYO files on install? Unless your users are running as admin, you won't get caching on these for the stdlib when it's installed into Program Files.
Cheers,
Steve
> -Mike
More information about the Python-Dev
mailing list