search

goodrobots / MAVCesium

An experimental web based map display for MAVProxy based on Cesium
https://gitter.im/goodrobots/Lobby
GNU General Public License v3.0
40 stars 20 forks source link

Extraction location for python eggs #1

Open SamuelDudley opened 8 years ago

SamuelDudley commented 8 years ago

When the files from the web application are extracted the following warning occurs:

/usr/lib/python2.7/dist-packages/pkg_resources.py:1031: UserWarning: /home/uas/.python-eggs is writable by group/others and vulnerable to attack when used with get_resource_filename. Consider a more secure location (set with .set_extraction_path or the PYTHON_EGG_CACHE environment variable). warnings.warn(msg, UserWarning)

As I see it there are a few ways to handle this warning:

  1. Change the permissions for ~/.python-eggs with chmod g-wx,o-wx ~/.python-eggs
  2. Set the extraction path to a user defined location at runtime via .set_extraction_path or PYTHON_EGG_CACHE
  3. Suppress / ignore it

I'm not sure if this is an issue on Windows, but option 1 wont work for that use case.

SamuelDudley commented 7 years ago

Could possibly use tempfile.mkdtemp to set up a temp directory for the user and set the .set_extraction_path to this location.