471,354 Members | 1,784 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,354 software developers and data experts.

virtualpython / workingenv / virtualenv ... shouldn't this be part of python

There are several attempts to allow python to work with per user (or even
per session) 'site-packages' like virtualpython / workingenv / virtualenv.

But they all have their own shortcomings and quirks.

My question is, shoudn't it be enough to set PYTHONPATH and everything
automagically to work then? Is there some work done on this for python 3.0
or 2.6 perhaps?
--
damjan
Jan 11 '08 #1
4 1125
Damjan wrote:
My question is, shoudn't it be enough to set PYTHONPATH and everything
automagically to work then? Is there some work done on this for python 3.0
or 2.6 perhaps?
I'm working on a PEP for a per user site dir for 2.6 and 3.0

Christian

Jan 11 '08 #2
On Jan 11, 11:45 am, Christian Heimes <li...@cheimes.dewrote:
Damjan wrote:
My question is, shoudn't it be enough to set PYTHONPATH and everything
automagically to work then? Is there some work done on this for python 3.0
or 2.6 perhaps?

I'm working on a PEP for a per user site dir for 2.6 and 3.0

Christian
What about security holes, like a malicious version of socket getting
downloaded into a user's directory, and overriding the default, safe
version? Don't forget that in your PEP.
Jan 11 '08 #3
Goldfish wrote:
What about security holes, like a malicious version of socket getting
downloaded into a user's directory, and overriding the default, safe
version? Don't forget that in your PEP.
A malicious piece of software has already hundreds of way to overwrite
modules. It could add a python executable to ~/bin and add ~/bin to
PATH. it could modify .bashrc and add PYTHONPATH. Or it could drop some
site.py and sitecustomize.py files in various directories.

If you allow malicious or potential harmful software to write in your
home directory you are lost. The new feature doesn't add new attack
vectors.

Christian

Jan 11 '08 #4
>My question is, shoudn't it be enough to set PYTHONPATH and everything
>automagically to work then? Is there some work done on this for python
3.0 or 2.6 perhaps?

I'm working on a PEP for a per user site dir for 2.6 and 3.0
great .. can't hardly wait.

--
damjan
Jan 15 '08 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

8 posts views Thread by ssecorp | last post: by
1 post views Thread by Randall Smith | last post: by
reply views Thread by Maric Michaud | last post: by
8 posts views Thread by Derek Martin | last post: by
reply views Thread by James Mills | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.