Giles Thomas wrote:
Dino Viehland wrote:
But it seems like CPython is the one who's doing something wrong here.
Another data point; easy_install under CPython using Vista with UAC
switched on tries to escalate permissions as you would expect -- the
normal grey screen, "please enter an administrator's details" thing --
and then happily installs the egg under C:\PythonXX\lib\site-packages,
owned by Administrator, with no read permissions for anyone else. So
you then have to go and find it and manually change the permissions if
you want to use it.
Somewhat orthogonal, but it does make it sound rather like the setup
with CPython is accidental rather than by deliberate choice.
I doubt it can be accidental - I think the changed permissions would
have to be done deliberately in the installer?
Historically Windows has made much less of a distinction between user
and system installed programs. On the Mac I need to sudo to install into
my *system* site-packages but not into the site-packages of a user
installed version of Python.
I still see it as a question of usability rather than security. (I'm
honestly not sure how creating a writable directory is a security
issue?) If the default install location of IronPython makes installing
and using Python packages with IronPython impossible for non-elevated
users then that is an extreme misfeature.
Michael
Cheers,
Giles
--
http://www.ironpythoninaction.com/
http://www.voidspace.org.uk/blog
_______________________________________________
Users mailing list
Users@lists.ironpython.com
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com