On 15.5.2014 20:27, Jan Dubois wrote:
On Thu, May 15, 2014 at 11:10 AM, Chris Marshall<devel.chm...@gmail.com>  wrote:
Not familiar with MSI details but I hope any changes
won't be a problem for SPP which is useful because
it *doesn't* require special permissions---just enough
to create the folder...
This has nothing to do with MSI, but with putting a directory on the
PATH to which the user has write access.  Essentially all scripting
languages do this to allow the user to install additional modules
easily, but security companies like to put out alerts about this...


With ZIP and Portable it completely in user's hand how he|she created destination directory and with what filesystem permissions. This will not change.

It is not a new issue; here is the ActiveState position about the same
issue with ActivePerl:

https://community.activestate.com/node/9199

TL;DR: The default is more convenient for most users; it is trivial
for users to apply more restrictive ACLs if they are bothered about
it.

Yes, exactly the same issue and I guess also the solution will be the same :)

Thanks.

--
kmx

Reply via email to