[Distutils] [jerome: Re: real vs effective user id]

Jerome Alet alet at librelogiciel.com
Tue Jun 12 09:46:40 CEST 2007 

Hello,

On Mon, Jun 11, 2007 at 07:51:27PM -0400, Phillip J. Eby wrote:

> >  6 - Besides not having to rewrite the expanduser() method, is
> >      there a valid reason why setuptools checks with the real
> >      user's home directory instead of with the effective one ?
> >      If not, then I propose to write the patch. If yes, then
> >      which one ?
> 
> A patch to replace expanduser would be fine; please make sure, 
> however, that it falls back to use of expanduser in the event of an error.

Attached to this message you'll find the patch.

It only uses the effective user id to check for the .python-eggs
directory if the one returned by os.path.expanduser() is not
writeable, so for most people the actual behavior remains, and
the impact is limited to applications which change the effective
user id.

Here's what it does :

ad-port53-2:/home/jerome/setuptools-0.6c6# python
Python 2.4.4 (#2, Apr 26 2007, 00:02:45) 
[GCC 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> os.getuid(), os.geteuid()
(0, 0)
>>> from pkg_resources import get_default_cache
>>> get_default_cache()
'/root/.python-eggs'
>>> os.setegid(500)
>>> os.seteuid(500)
>>> get_default_cache()
'/home/jerome/.python-eggs'
>>> 

I understand that this patch doesn't always improve the situation :
since you've said the directory is computed only once for a particular
process, importing a setuptools-installed module as root before
doing the seteuid call and then importing another setuptools-installed
directory after the seteuid call, would probably still give the 
same import error as before, but at least it should help in
*some* situations. And finally it can probably serve as a basis
for discussion.

hoping this helps anyway.

bye

Jerome Alet
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pkg_resources.py.patch
Type: text/x-diff
Size: 1396 bytes
Desc: not available
Url : http://mail.python.org/pipermail/distutils-sig/attachments/20070612/7617dd73/attachment.bin

More information about the Distutils-SIG mailing list