New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extraction location for python eggs #1

Open

SamuelDudley opened this issue Jul 17, 2016 · 1 comment

Assignees

Labels

Member

SamuelDudley commented Jul 17, 2016

When the files from the web application are extracted the following warning occurs:

/usr/lib/python2.7/dist-packages/pkg_resources.py:1031: UserWarning: /home/uas/.python-eggs is writable by group/others and vulnerable to attack when used with get_resource_filename. Consider a more secure location (set with .set_extraction_path or the PYTHON_EGG_CACHE environment variable).
warnings.warn(msg, UserWarning)

As I see it there are a few ways to handle this warning:

Change the permissions for ~/.python-eggs with chmod g-wx,o-wx ~/.python-eggs
Set the extraction path to a user defined location at runtime via .set_extraction_path or PYTHON_EGG_CACHE
Suppress / ignore it

I'm not sure if this is an issue on Windows, but option 1 wont work for that use case.

The text was updated successfully, but these errors were encountered:

SamuelDudley self-assigned this

SamuelDudley added the help wanted label

Member Author

SamuelDudley commented Feb 20, 2017

Could possibly use tempfile.mkdtemp to set up a temp directory for the user and set the .set_extraction_path to this location.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment