[Python-ideas] from __pip__ import
Steven D'Aprano
steve at pearwood.info
Mon Sep 19 21:38:28 EDT 2016
On Mon, Sep 19, 2016 at 11:35:39PM +0000, אלעזר wrote:
> Xavier, how is connecting and installing different from a windows popup
> "this software requires changes to your firewall settings" or "requires
> elevated privileges" which already happens. I am all for a two-step
> process, but I think it should be more user friendly, and it can be done as
> a Python command from inside the script.
Installing dependencies must be a separate step from running the code.
You personally might not care, but some people *do* care. They may have
policies about downloading, or even legal requirements about what
software they install and run, and so need to vet dependencies, not just
blindly install whatever packages are required by a module.
They may need authority to install. I don't mean account privileges, I
mean they may need their manager's approval. Perhaps the legal
department needs to check the licence terms. Perhaps they need to pay
for a licence, or get approval to spend the money on a licence. Or they
may have a policy of "no unapproved software" because they are legally
required to run a specific, known set of software which has been
audited, not just any old rubbish they've downloaded off the internet.
Or maybe they just don't trust any old rubbish available on the internet
and want the choice of whether or not to install it.
I know places where it is a firing offence, with no warnings or second
chances, to download and install unapproved software on work computers.
Your suggestion would make it unsafe to use Python in such an
environment.
(Of course any Python script *could* try to reach out to the internet to
download code, but the risk of this is low. But if the Python language
had a built-in command to do this, the risk would be magnified.)
> If I send you a small script, it should be treated in the same way as if I
> send you a program - an installer - not as a code that you should
> incorporate into your already existing code base.
Some scripts are installers. Some scripts are not. You cannot assume
that all scripts should be treated as installers. I normally run scripts
as an unprivileged user. Even if I don't trust the code, the worst that
happens is limited by the privileges of that user. But installers
generally require greater trust and greater privileges -- I might run
them as root, or using sudo, otherwise the installation will fail.
Keeping installation and execution as separate steps is a security
measure.
--
Steve
More information about the Python-ideas
mailing list