[issue5802] The security descriptors of python binaries in Windows are not strict enough
report at bugs.python.org
Sun Feb 28 21:07:26 CET 2010
Hong Chen <cn.hongchen at gmail.com> added the comment:
Sorry for the delay, it's been a busy month.
I just tried python 3.1 If installed under c:\program files, the
access control list would be correct, only system & administrator
accounts get the modify privilege.
The default installation is to c:\python31, in which the access
control list has the issue that unprivileged users can modify it.
I guess a possible remedy to this is that after installation, the
setup program can just remove "authenticated users" from the access
control list, or at least remove the "modify" privilege from the
On Mon, Feb 8, 2010 at 7:23 AM, Brian Curtin <report at bugs.python.org> wrote:
> Brian Curtin <curtin at acm.org> added the comment:
> Is the situation any different if you install Python to "C:\Program Files"? This seems to be at least part of the reason IronPython installs to "C:\Program Files", which was discussed on the IronPython list  a few months ago.
>  http://lists.ironpython.com/pipermail/users-ironpython.com/2009-October/011345.html
> nosy: +brian.curtin
> Python tracker <report at bugs.python.org>
Python tracker <report at bugs.python.org>
More information about the Python-bugs-list