[Pythonmac-SIG] PackageManager maintainer questions
Jack Jansen
Jack.Jansen@cwi.nl
Tue May 27 10:38:52 EDT 2003
On Tuesday, May 27, 2003, at 08:49 Europe/Amsterdam, Ronald Oussoren
wrote:
>> Group writable means that any admin user can screw up or trojan
>> the site's installation without being prompted for their password
>> (ie. without using sudo).
Definitely true, but this is already true for most Apple-installed
stuff. do "ls -lR /Applications" to see what I mean:-)
>> I don't think Andrew meant non-admin users either (or if he did,
>> they shouldn't be able to do a site installation - they don't have
>> admin
>> for a reason!). Removing the need for a command line sudo invokation
>> would require the package manager re-execing itself with sudo after
>> prompting for a password (ala Fink), or using the padlock 'click the
>> lock
>> to make changes' priv. escalation widget (is this possible?)
>
> You'd have to write some C code to call the right API's, and the
> privileged code would have to be in a seperate script/executable, but
> otherwise it is quite doable.
I think the functionality is in Launch Services. It is on my todo list,
but it won't happen before 2.3 final.
> BTW. Moving some logic into a seperate process might also help with
> the problem that 'import wxPython' interferes with the runloop of the
> PackageManager itself.
Doable, but not easy. It would require putting a client/server stub
between PackageManager and pimp.
--
Jack Jansen, <Jack.Jansen@cwi.nl>, http://www.cwi.nl/~jack
If I can't dance I don't want to be part of your revolution -- Emma
Goldman
More information about the Pythonmac-SIG
mailing list