On 10 May 2012 05:30, PJ Eby <[email protected]> wrote: > On Wed, May 9, 2012 at 6:42 PM, Rick van der Zwet <[email protected]> > wrote: >> >> Quite some time ago, their has been comments in the changelog (06.c4) >> stating that running easy_install without /dev/urandom should be >> possible: >> Fixed not allowing os.open() of paths outside the sandbox, even if >> they are opened read-only (e.g. reading /dev/urandom for random >> numbers, as is done by os.urandom() on some platforms). >> >> While this was back in 2006, I was wondering what the current state of >> affairs which regards of requiring the /dev/urandom as of today? Am I >> looking at a feature request, bug report or design limitation? > > > You're confusing easy_install's internal sandboxing with running > easy_install in a chroot environment. easy_install runs setup scripts in a > Python sandbox that disallows certain file accesses in order to handle > badly-coded setup.py files that copy files directly to guessed installation > locations, instead of relying on the distutils to do the copying. The > change notes you're reading are discussing *that* sandbox, which is internal > to Python/setuptools and is unrelated to chrooting.
Spot on, nice! Mounting /dev (mount -t devfs devfs /usr/local/sandbox/dev) before entering the sandbox will be the solution then. Thanks for explaining. /Rick -- http://rickvanderzwet.nl _______________________________________________ Distutils-SIG maillist - [email protected] http://mail.python.org/mailman/listinfo/distutils-sig
