1

Given the security issues associated with running sudo pip, is there any reason not to take ownership of my 

/Library/Python/2.7/site-packages

directory on OS X with

chown -R $(whoami):admin /Library/Python/2.7/site-packages

I understand that there will still be some packages that ask for sudo (to write to other locations); but given that this will allow many packages to install without, is there any reason not to make this change of ownership?

I'm aware that Homebrew and virtual environments are good approaches too (I use both): this is specifically about cases involving packages in /Library/Python/2.7/site-packages, not any maintained by brew or virtualenv.

Community
  • 1
  • 1
orome
  • 45,163
  • 57
  • 202
  • 418

1 Answers1

0

Having write access under your own account to system-wide programs and configuration information is extremely poor security practice. You don't want a runaway script to zap all the files there just because you were careless, or, worse, replace them with gobbledygook, or, still worse, surreptitiously replace them with insecure, backdoored versions.

You can't rule out these scenarios entirely with sudo, either, but this raises the barrier significantly.

tripleee
  • 175,061
  • 34
  • 275
  • 318
  • Does that hold true for me as the only user of the system? It seems the opposite of the explanation I'd been given earlier: having to `sudo` to run possibly untrustworthy stuff gives that stuff access to things protected by `root` (in addition to all my stuff?), running that stuff as myself only gives it access to my stuff, right? – orome Jan 14 '15 at 17:26
  • An remember, this isn't about the actual *system* packages directory (`/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python`) (that's left alone); it's about the system-*wide* packages I've installed. – orome Jan 14 '15 at 17:28
  • @raxacoricofallapatorius, while it may work when you are the only user, I doubt that you would find anyone, who would recommend doing that. Users are not supposed to own files in `/Library`. virtualenv's are the right tool to solve this problem, without any downsides. – cel Jan 14 '15 at 17:30
  • @cel: But taking ownership (while not as good as virtualenvs) would be *better* than having to `sudo`, right? Also, isn' this effectively the approach adopted by Homebrew (though in another location)? – orome Jan 14 '15 at 17:38
  • @raxacoricofallapatorius, it may be more secure, but there is so much that can go horribly wrong. If you create a virtualenv, you will never write `sudo` in front of `python` again, without risking to break your system into pieces. I would generally recommend not making any manual changes in the systems directories. Users are not supposed write or own things there. – cel Jan 14 '15 at 17:50
  • @cel: But one *is* supposed to write things in `/Library/Python/2.7/site-packages`; that's how one maintains system wide packages (or adds to them); right? I agree that virtualenvs or a Brewed Python is the best solution (that can be part of the answer); but the issue at hand is if changing ownership is an improvement (and perhaps, how much of one it is). – orome Jan 14 '15 at 18:03