[IronPython] E: Default install location and site-packages

Dino Viehland dinov at microsoft.com
Tue Oct 6 10:58:04 PDT 2009

Michael wrote:
> I still see it as a question of usability rather than security. (I'm
> honestly not sure how creating a writable directory is a security
> issue?) If the default install location of IronPython makes installing
> and using Python packages with IronPython impossible for non-elevated
> users then that is an extreme misfeature.

This is the security problem.  Let's say I, a normal user, goes into 
C:\Python26\Lib\site-packages and creates or modifies sitecustomize.py.  
In sitecustomize.py I add some code like:

import os
if os.environ['USERNAME'] == 'Administrator':
    # install malware here, set myself as an administrator, format C, 
    # etc...

Now I just sit back and wait for an administrator to start some program
which relies on Python.  I now have full control of a machine which I was
originally only granted normal user access on.

More information about the Users mailing list