[IronPython] E: Default install location and site-packages
dinov at microsoft.com
Tue Oct 6 10:58:04 PDT 2009
> I still see it as a question of usability rather than security. (I'm
> honestly not sure how creating a writable directory is a security
> issue?) If the default install location of IronPython makes installing
> and using Python packages with IronPython impossible for non-elevated
> users then that is an extreme misfeature.
This is the security problem. Let's say I, a normal user, go into
C:\Python26\Lib\site-packages and creates or modifies sitecustomize.py.
In sitecustomize.py I add some code like:
    import os

    if os.environ['USERNAME'] == 'Administrator':
        # install malware here, set myself as an administrator, format C,
        pass
Now I just sit back and wait for an administrator to start some program
which relies on Python. I now have full control of a machine which I was
originally only granted normal user access on.
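
A defender-side check for the exposure described in this message, added here as an example and not part of the original post or of IronPython: run under a non-elevated account with the interpreter in question, it reports every sys.path directory where that account could plant a startup hook and every existing sitecustomize.py/usercustomize.py it could modify. The function names are this example's own; the probe creates and removes a temporary file because os.access() does not evaluate Windows ACLs.

```python
import os
import sys
import tempfile

# Modules the standard "site" module imports automatically at interpreter startup.
HOOKS = ("sitecustomize.py", "usercustomize.py")

def can_create_file(directory):
    """True if the current user can create a file in `directory` (real probe, then cleanup)."""
    try:
        fd, name = tempfile.mkstemp(prefix=".audit-", dir=directory)
    except OSError:
        return False
    os.close(fd)
    os.remove(name)
    return True

def can_modify_file(path):
    """True if the current user can open `path` for writing; append mode leaves content intact."""
    try:
        with open(path, "ab"):
            return True
    except OSError:
        return False

def audit(paths):
    """Return (path, problem) pairs for import locations the current user can tamper with."""
    findings, seen = [], set()
    for entry in paths:
        directory = os.path.abspath(entry or os.curdir)  # '' on sys.path means cwd
        if directory in seen or not os.path.isdir(directory):
            continue  # skip duplicates, zip archives and missing entries
        seen.add(directory)
        if can_create_file(directory):
            findings.append((directory, "directory is writable: a startup hook can be planted"))
        for hook in HOOKS:
            hook_path = os.path.join(directory, hook)
            if os.path.isfile(hook_path) and can_modify_file(hook_path):
                findings.append((hook_path, "existing startup hook is writable"))
    return findings

if __name__ == "__main__":
    # Any finding under a machine-wide install means an unprivileged user can
    # run code in the context of whoever starts this interpreter next.
    for path, problem in audit(sys.path):
        print(f"{path}: {problem}")
```

Findings inside the account's own profile are expected; the ones that matter are under a shared, machine-wide install directory.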