pythonegg warning

43 views
Skip to first unread message

Frédéric Chapoton

unread,
Mar 3, 2015, 4:44:31 AM3/3/15
to sage-...@googlegroups.com
Hello

I have got this kind of things in tests with 6.6.b2

doctest:1224: UserWarning: /home/patchbot/.sage//.python-eggs is writable by group/others and vulnerable to attack when used with get_resource_filename. 
Consider a more secure location (set with .set_extraction_path or the PYTHON_EGG_CACHE environment variable).

I have changed the rights of the offending file, but maybe there should be a better solution ?

See for example patchbot report on ticket http://trac.sagemath.org/ticket/17882

Frederic

Volker Braun

unread,
Mar 3, 2015, 7:13:09 AM3/3/15
to sage-...@googlegroups.com
This is due to our new setuptools (and probably the unneeded webasserts #16736). In any case, I reported this upstream but no Sage trac ticket yet:

https://bitbucket.org/pypa/setuptools/issue/254/the-default-python-eggs-mode-doesnt

Workaround is 

chmod 700 ~/.sage/.python-eggs 

Volker Braun

unread,
Mar 3, 2015, 3:34:36 PM3/3/15
to sage-...@googlegroups.com
Actually, I did make a Sage ticket a couple of days ago: http://trac.sagemath.org/ticket/17875
Reply all
Reply to author
Forward
0 new messages