search

WoeUSB / WoeUSB-ng

WoeUSB-ng is a simple tool that enable you to create your own usb stick windows installer from an iso image or a real DVD. This is a rewrite of original WoeUSB.
GNU General Public License v3.0
1.57k stars 132 forks source link

Unsafe installation practices #123

Open hasufell opened 3 weeks ago

hasufell commented 3 weeks ago

This package is unsafe to install.

https://github.com/WoeUSB/WoeUSB-ng/blob/18e8918f75af26c0258a5b5f7bdb13acb76611eb/setup.py#L15-L30

Paths are hardcoded and the README suggests to use sudo for installation. Pip user installation is broken.

IMO, such packages should be rejected from Pip.

brlin-tw commented 3 weeks ago

Hello, thanks for your bug report. Feel free to submit patches that can improve this situation if you're able to.