-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal: introduce a required flag to trigger installation from a package index #1940
Comments
-1. The main use case for pip is to install packages from PyPI. Installing local packages is secondary (but important, obviously). Making users add a mandatory flag for the key use case is not practical. The real mistake here is careless use of sudo. While it's fine for pip to help reduce the risks involved in such mistakes, ultimately it's not pip's problem. It may, I guess, be an option to require the flag when pip is running as root. That seems confusing to me, as just adding "sudo" to an otherwise working command isn't sufficient, but I'm not a Unix user so I'll defer to them on what is reasonable for that environment. |
Regardless of |
-1 The main use of pip is to install from Pypi. By definition, if you install something from Pypi you implicitly place a level of trust in it. If you are worried about running the wrong remote package because you typed in the wrong name, then this problem exists whether you have an extra flag or not. |
So, I am -1 on mandating a flag just to install from PyPI for the reasons that @pfmoore and @mangecoeur have already stated. The only thing I could see us actually doing is taking a leaf out of However even the above won't provide the kind of safety that this ticket is asking for because in order to build a dependency graph we need to execute the |
I think @dstufft's suggestion is certainly a reasonable one that would move this in the right direction, if not solve it completely. |
Hell's bells, could you be any more alarmist? There are not a million packages all with names subtly misspelled from popular PyPI packages that are exclusively designed to The fact that you are running user-contributed code coming from the wider community (or whoever) is part of the core design of PyPI; and npm, and rubygems, and cabal, and every other language's user package repo in existence. This isn't potentially untrusted, it is untrusted. You have to review it yourself, because it's from someone else who you haven't paid a dime to do The Right Thing™ (for whatever your definition of that is). That's just the deal. If you don't wish to run untrusted code I suggest you move away from using pip at all, and either stick to distribution package managers or disconnect from the internet. In the mean time, you might also be interested to hear that we plan to move pip away from requiring a user using a system python to run pip with sudo, by making the |
Yes, it's a extreme, corner-case example. Even if packages are not malicious is it still not worth warning the user that what they are attempting to do is likely not their true intent, or help preventing error in some way? As a side note: you don't necessarily have the right to review code from PyPI yourself - there are plenty of closed-source binary distributions available through it. |
The problem is accurately guessing a "true intent" in the first place. If you have a specific case where you think pip could be issuing a warning that it currently doesn't that would be helpful, we'd love to hear it.
Yes, although it's perfectly possible to download any distribution from PyPI before executing it (and look at it, if its easily unpackable), PyPI does not place any restriction on the license under which users must upload their package (apart from, implicitly afaik, allowing for its distribution by PyPI...). I don't see this changing. |
I'm going to close this, I don't think we'll ever implement it and a number of maintainers are against it. |
Currently, the
pip install
command accepts either a local path (absolute or relative) as an argument, or the name of a package to be retrieved from a package index, defaulting to PyPI.I propose that a new flag be introduced to indicate that the argument should be interpreted as a package name to be retrieved from a package index.
Consider the situation where a user mis-types:
where there is no
src
directory relative to the user's current working directory. This will triggerpip
to fetch the package namedsrc
from PyPI and run its setup script with root privileges.Forcing the user to instead type:
to install a package from a package index and only allowing the previous usage to install packages from the local filesystem eliminates this potential security risk.
Making a similar change to require a flag for local installation introduces a similar risk that the user forgets to use the flag and the remote package is still downloaded and run. Introducing a flag for installation from a package index means that even if the user omits the flag, the worst case scenario is that they install something from their own filesystem.
I have raised a similar issue for
setuptools
.TL;DR: Package managers should never download & run remote code just because a user mistypes a filename.
The text was updated successfully, but these errors were encountered: