Can I take ownership of my Python OS X 'site-packages' directory (to avoid 'sudo')?
Question
Given the security issues associated with running sudo pip , is there any reason not to take ownership of my
/Library/Python/2.7/site-packages
directory on OS X with
chown -R $(whoami):admin /Library/Python/2.7/site-packages
I understand that there will still be some packages that ask for sudo (to write to other locations); but given that this will allow many packages to install without, is there any reason not to make this change of ownership?
I'm aware that Homebrew and virtual environments are good approaches too (I use both): this is specifically about cases involving packages in /Library/Python/2.7/site-packages , not any maintained by brew or virtualenv .
1 answers
solution1
0 2015-01-14 17:23:39
Having write access under your own account to system-wide programs and configuration information is extremely poor security practice. You don't want a runaway script to zap all the files there just because you were careless, or, worse, replace them with gobbledygook, or, still worse, surreptitiously replace them with insecure, backdoored versions.
You can't rule out these scenarios entirely with sudo , either, but this raises the barrier significantly.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.