[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Python Question

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] Python Question
From: Robin Cornelius <robin.cornelius@xxxxxxxxx>
Date: Tue, 23 Oct 2012 12:15:13 +0100
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=/IQnrPk7v1EzQFDStaicq4j1NhPWTx+RG7C27dizCCg=; b=qbU21uddjtPHjQfe84uP5Tv5TwSqsBMae0BKJJz7yQlm/ODnWD4AlkQ2O1jw9Jk4sy 5lRkDmNZK5rVI7HnnbpcTock6AXt0eTpOIK0rhtwTtnvxl27NuGuTJI+85rgrsZNgfFg WGFFCDHFFdWtNHlwu39RdIjQ7kAT1gQMA7GEcCruOTcxegaD0x1zTzc4tsbFzEosbkBl Per67dsp3saGYW0vdbJtlR/MFOG/bwtAoQzJCd3EFxiVElJHDg5jJVL5fGQ9HDVmai3m H9iRWtSOzNgsBE6BVlrZmNjChRbRdmT4126i7jUpZ5802RsVgmf2oziW55ryoyCWm/YJ VLiA==

On 23 October 2012 10:34, Adam Latham <adam.latham@xxxxxxxxxxxxxxxxxxx> wrote:
> Hi all!
>
> Just a brief one.  We've finally managed to convince the IT department in the 
> Academy I work at to try Python.  Which is pretty cool in itself.
>
> However, as they run Windows 7 and everything is locked down pretty tight, I'm 
> wondering about the wisdom of the default install path.
>
> I should mention they've opted for the community edition of ActivePython (why? No 
> idea...) and have installed in the C:\Python2.7 directory.
>
> They're intending for people to use Idle to develop.
>
> Having briefly played with it and done the obligatory os.getcwd() Idle is running 
> straight out of the Python directory.
>
> Don't ask me why but it just rang some alarm bells.
>
> Whilst I'm sure that the average student at my school has little desire or skill 
> to run malicious scripts, it just seems a bit mental to allow these to be run 
> directly on this path.
>
> Am I just being paranoid?  What about a CLI argument such as:
>
> idle.py -c "os.chdir('some-user-path')"
>
> Added to the shortcut/launcher?
>
> Any comments or suggestion welcomed. I'd like them to at least give python a good 
> go, rather than give it up as too difficult to configure...
>
> Write permissions to the c:\ drive are strictly controlled, I should add, and the 
> userspace is in H:\
>

It should not be a problem IMHO, python likes to install to
c:\Python27 but that is just where it and its libraries live, you
don't need write permission there other than to install it in the
first place, and that is no different to installing in %PROGRAMFILES%.
it is nice however to have C:\Python27 added to the %PATH% (either
system or user) to prevent some insanity later when running scripts.

Users should be writing python files in their home directories and
running them from there too so any output gets saved. the python.exe
will be running under there userid and should have no more permissions
than they do regularly so it can't write to places you can't and can't
read from files you can not. However if this is a *very* locked down
system and they are prevented getting to a command prompt etc then
python will give them access to files that might otherwise be cut off
from them, should not be a problem in theory but worth considering.

Robin

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

Follow-up: Re: [LUG] Python Question
- From: bad apple

References:
- [LUG] Python Question
  - From: Adam Latham

Prev by Date: [LUG] Python Question
Next by Date: Re: [LUG] Python Question
Previous by thread: [LUG] Python Question
Next by thread: Re: [LUG] Python Question
Index(es):
- Date
- Thread