Sorry, I forgot to CC the list.
--- Begin Message ---
On Mon, Jun 11, 2007 at 01:57:38PM -0400, Phillip J. Eby wrote:
> >
> >then setuptools tries to play with root's .python-eggs directory instead
> >of ~effective_user/.python-eggs/, because of the way os.path.expanduser()
> >works (line 1039 in pkg_resource.py)
>
> In these types of situations, it's best to set the PYTHON_EGG_CACHE
> path explicitly, either via the environment variable or code.
This is effectively what I had to do to fix the problem for my
client, however this was completely unexpected because I can't
control how different people install third party modules like this
one. Considering that some imports will be done before the seteuid()
call and some after, setting the environment variable would have to
be done twice (for example), otherwise you might end up with root
owned directories into an otherwise user-owned directory, and this
might introduce further permission problems on different apps
run by the same unpriviledged user but requiring the same modules.
Wouldn't it be better to use the effective user id when expanding
the user's home directory in setuptools or in Python ?
I understand that modifying the way Python's standard library behaves
is problematic, but setuptools is v0.x so maybe this is still doable.
I volunteer to create a patch for setuptools if you want.
bye
Jerome Alet
--- End Message ---
_______________________________________________
Distutils-SIG maillist - [email protected]
http://mail.python.org/mailman/listinfo/distutils-sig
