[Pythonmac-SIG] PackageManager maintainer questions
Kevin Ollivier
kevino@tulane.edu
Tue May 27 20:32:59 EDT 2003
On Tuesday, May 27, 2003, at 02:38 AM, Jack Jansen wrote:
>
> On Tuesday, May 27, 2003, at 08:49 Europe/Amsterdam, Ronald Oussoren
> wrote:
>>> Group writable means that any admin user can screw up or trojan
>>> the site's installation without being prompted for their password
>>> (ie. without using sudo).
>
> Definitely true, but this is already true for most Apple-installed
> stuff. do "ls -lR /Applications" to see what I mean:-)
>
>>> I don't think Andrew meant non-admin users either (or if he did,
>>> they shouldn't be able to do a site installation - they don't have
>>> admin
>>> for a reason!). Removing the need for a command line sudo invokation
>>> would require the package manager re-execing itself with sudo after
>>> prompting for a password (ala Fink), or using the padlock 'click the
>>> lock
>>> to make changes' priv. escalation widget (is this possible?)
>>
>> You'd have to write some C code to call the right API's, and the
>> privileged code would have to be in a seperate script/executable, but
>> otherwise it is quite doable.
>
> I think the functionality is in Launch Services. It is on my todo
> list, but it won't happen before 2.3 final.
>
>> BTW. Moving some logic into a seperate process might also help with
>> the problem that 'import wxPython' interferes with the runloop of the
>> PackageManager itself.
>
> Doable, but not easy. It would require putting a client/server stub
> between PackageManager and pimp.
Actually, thinking about this, what about using popen or something
similar and starting a separate instance of Python to run the module
installation test code? This would handle the case where, for whatever
reason, an extension or module caused a crash (i.e. corrupt
installation, etc.) without taking down PackageManager as well.
Thanks,
Kevin
More information about the Pythonmac-SIG
mailing list