[Catalog-sig] Use user-specific site-packages by default?

M.-A. Lemburg mal at egenix.com
Tue Feb 5 08:42:13 CET 2013


On 05.02.2013 02:36, Nick Coghlan wrote:
> Something that caught my attention in the recent security discussions
> is the observation that one of the most common insecure practices in
> the Python community is to run "sudo pip" with unsigned packages
> (sometimes on untrusted networks).
> 
> To my mind, this is a natural reaction to the user experience of pip:
> you run "pip install package", it complains it can't write to the
> system site packages directory, so you run "sudo pip install package"
> to give it the permissions it clearly wants.
> 
> If pip used the user site packages by default (when running as anyone
> other than root), that dangerous UI flow wouldn't happen. Even when
> pip was run outside a virtualenv, it would "just work" from the user's
> perspective. It also has the advantage of keeping systems cleaner by
> default, since there will be a clear separation between system
> packages and pip-installed packages.
> 
> Thoughts?

-1. You'd be hiding a real problem by not telling the user that
there's a permission problem to think about.

Apart from that it's also not possible to do permission separation
when everything is installed under the user account, e.g. it
would be easy for malicious setup.pys to overwrite parts of the
already installed modules with versions that contain nasty
hooks, etc.

The latter is what eventually killed the moin installations on
wiki.python.org. The plugins directory was writeable by the
user and the whole situation very similar to the user packages
setup you are describing above.

-- 
Marc-Andre Lemburg
eGenix.com

Professional Python Services directly from the Source  (#1, Feb 05 2013)
>>> Python Projects, Consulting and Support ...   http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ...       http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/
________________________________________________________________________

::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::

   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611
               http://www.egenix.com/company/contact/
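The permission-separation concern raised in the reply (code running as the user can rewrite any module installed under that user's own site-packages) can be checked directly. The following audit script is an added example, not code from either poster; it walks a list of import-path directories, reports which ones the current process could write to, and lists the top-level modules and packages in each, since those are exactly what an untrusted setup.py running as the same user could replace. The `demo()` function builds a constructed fake user-site directory (names `helper.py` and `pkg` are invented for the demonstration) so the check can be exercised without touching a real installation.

```python
#!/usr/bin/env python3
"""Audit the import path for directories the current user can modify.

Added example for the thread above, not from the original posters.  A
directory on the import path that is writable by the user running the
interpreter offers no permission separation: anything executing as that
user (a setup.py, a plugin, a compromised script) can replace the
modules that live there.
"""
import os
import shutil
import site
import sys
import tempfile


def writable_dirs(paths):
    """Return the entries of `paths` that exist and that the current
    process may write to.  Non-existent entries and zip files are skipped;
    an empty entry on sys.path means the current working directory."""
    found = []
    for entry in paths:
        directory = entry or os.getcwd()
        if os.path.isdir(directory) and os.access(directory, os.W_OK):
            found.append(directory)
    return found


def tamperable_modules(directory):
    """Names of the top-level modules and packages in `directory`; each
    could be overwritten by code running as the current user."""
    names = set()
    for name in os.listdir(directory):
        full = os.path.join(directory, name)
        if name.endswith(".py") and os.path.isfile(full):
            names.add(name[:-3])
        elif os.path.isdir(full) and os.path.isfile(os.path.join(full, "__init__.py")):
            names.add(name)
    return sorted(names)


def audit(paths=None):
    """Map each writable import directory to the modules it exposes."""
    if paths is None:
        paths = sys.path
    return {d: tamperable_modules(d) for d in writable_dirs(paths)}


def demo():
    """Constructed scenario (not a real installation): a fake user-site
    directory holding one module and one package, plus a path entry that
    does not exist and must therefore be ignored."""
    fake_site = tempfile.mkdtemp(prefix="fake-user-site-")
    try:
        with open(os.path.join(fake_site, "helper.py"), "w") as fh:
            fh.write("VALUE = 1\n")
        os.makedirs(os.path.join(fake_site, "pkg"))
        open(os.path.join(fake_site, "pkg", "__init__.py"), "w").close()
        return audit([fake_site, "/no/such/dir"])
    finally:
        shutil.rmtree(fake_site)


if __name__ == "__main__":
    # Real run: report which import directories this user could tamper with.
    print("user site-packages:", site.getusersitepackages())
    for directory, modules in audit().items():
        print(f"writable: {directory}  ({len(modules)} top-level modules could be replaced)")
```

Run as a normal user, the report typically shows the user site-packages directory (and the current working directory) as writable while the system site-packages is not; that difference is the separation the reply is arguing for keeping.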

