[Distutils] Security issue with Distutils register is still actual
Tarek Ziadé
ziade.tarek at gmail.com
Wed Nov 3 12:35:04 CET 2010
On Wed, Nov 3, 2010 at 10:47 AM, anatoly techtonik <techtonik at gmail.com> wrote:
> Hello,
>
> Does anybody care that PyPI password are stored in a well-known
> location in cleartext and developers are forced to store them when
> they submit packages for review?
> http://bugs.python.org/issue9995
>
We have hundreds of bugs to fix for distutils. If you propose a patch
+ test, things will speed up.
There are already tests for various register/upload scenarii, so it
should not be hard to copy-paste one to create your test
> --
> anatoly t.
> _______________________________________________
> Distutils-SIG maillist - Distutils-SIG at python.org
> http://mail.python.org/mailman/listinfo/distutils-sig
>
--
Tarek Ziadé | http://ziade.org
More information about the Distutils-SIG
mailing list