[Distutils] [jerome: Re: real vs effective user id]
alet at librelogiciel.com
Tue Jun 12 09:46:40 CEST 2007
On Mon, Jun 11, 2007 at 07:51:27PM -0400, Phillip J. Eby wrote:
> > 6 - Besides not having to rewrite the expanduser() method, is
> > there a valid reason why setuptools checks with the real
> > user's home directory instead of with the effective one ?
> > If not, then I propose to write the patch. If yes, then
> > which one ?
> A patch to replace expanduser would be fine; please make sure,
> however, that it falls back to use of expanduser in the event of an error.
Attached to this message you'll find the patch.
It only uses the effective user id to check for the .python-eggs
directory if the one returned by os.path.expanduser() is not
writeable, so for most people the actual behavior remains, and
the impact is limited to applications which change the effective
Here's what it does :
Python 2.4.4 (#2, Apr 26 2007, 00:02:45)
[GCC 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> os.getuid(), os.geteuid()
>>> from pkg_resources import get_default_cache
I understand that this patch doesn't always improve the situation :
since you've said the directory is computed only once for a particular
process, importing a setuptools-installed module as root before
doing the seteuid call and then importing another setuptools-installed
directory after the seteuid call, would probably still give the
same import error as before, but at least it should help in
*some* situations. And finally it can probably serve as a basis
hoping this helps anyway.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1396 bytes
Desc: not available
Url : http://mail.python.org/pipermail/distutils-sig/attachments/20070612/7617dd73/attachment.bin
More information about the Distutils-SIG