On 01/10/13 20:59, Hartmut Goebel wrote:
Am 30.09.2013 22:01, schrieb Glenn Ramsey:
Security-Alert: try to store file outside of dist-directory. Aborting.
'../Plugins/Plugin_CgProgramManager.dylib'
This is using the develop branch, up to date (15983b2...). It was working
previously with 2.0.
This is intended to avoid overwriting files outside the dist-directory. If we
would not do this, one could overwrite data anywhere on your filesystem. This
kind of attack is call "directory traversal".
I understand that, but on a Mac this is still inside the application bundle and
files are allowed (and expected) to be put there.
For now I have worked around the issue by using my CMake script to copy the
files into the bundle, and run install_name_tool, after PyInstaller has finished.
Glenn
--
You received this message because you are subscribed to the Google Groups
"PyInstaller" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/pyinstaller.
For more options, visit https://groups.google.com/groups/opt_out.
