buildout needs a global egg unzip flag

Bug #181820 reported by Steve McMahon
Affects: Buildout
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned

Bug Description

I've been trying lately to identify places where the Zope 2 server needs
write access that might be insecure. One spot is the $HOME/.egg-info
directory used to unpack zipped egg files. I realize that it's Python
doing this, and not Zope itself, but it's still a security problem if
the server process needs write access to a directory that contains its
own code.

I've solved this problem in the past by using easy_install's
--always-unzip flag when fetching eggs. I'd like to be able to do the
same thing via buildout.

Note that zc.recipe.egg allows you to set an "unzip = true" flag. It
would be great if an option like this was available globally in buildout
so that "eggs = " sections in the top-level buildout would always be
unzipped.

Jim Fulton (jim-zope) wrote : Re: [Bug 181820] buildout needs a global egg unzip flag

Agreed.

BTW, there's also an environment variable you can set to tell
setuptools where to unpack things other than ~. You could set up a
directory for this purpose and set the environment variable.

Jim

On Jan 10, 2008, at 11:59 AM, Steve McMahon wrote:

> Public bug reported:
>
> I've been trying lately to identify places where the Zope 2 server
> needs
> write access that might be insecure. One spot is the $HOME/.egg-info
> directory used to unpack zipped egg files. I realize that it's Python
> doing this, and not Zope itself, but it's still a security problem if
> the server process needs write access to a directory that contains its
> own code.
>
> I've solved this problem in the past by using easy_install's
> --always-unzip flag when fetching eggs. I'd like to be able to do the
> same thing via buildout.
>
> Note that zc.recipe.egg allows you to set an "unzip = true" flag. It
> would be great if an option like this was available globally in
> buildout
> so that "eggs = " sections in the top-level buildout would always be
> unzipped.
>
> ** Affects: zc.buildout
> Importance: Undecided
> Status: New
>
> --
> buildout needs a global egg unzip flag
> https://bugs.launchpad.net/bugs/181820
> You received this bug notification because you are the bug contact for
> Buildout.

--
Jim Fulton
Zope Corporation

Marius Gedminas (mgedmin) wrote :

Wasn't this bug fixed in zc.buildout 1.1.1? See
http://pypi.python.org/pypi/zc.buildout#always-unzipping-eggs

Steve McMahon (stevemcmahon) wrote :

Agreed. This is fixed.

Changed in zc.buildout:
status: New → Fix Released
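
An added example, not part of the original thread or of zc.buildout: a check that lists which eggs in a buildout's eggs directory are still zipped, since those are the ones whose contents may be unpacked at run time into a directory the server process must be able to write to. The egg names and the build_sample and demo helpers are constructed for illustration.

```python
import os
import tempfile
import zipfile

NATIVE_SUFFIXES = (".so", ".pyd", ".dll", ".dylib")

def audit_eggs(eggs_dir):
    """Map each zipped egg in eggs_dir to the reason it may be unpacked at run time."""
    findings = {}
    for name in sorted(os.listdir(eggs_dir)):
        path = os.path.join(eggs_dir, name)
        # Unzipped eggs are directories: nothing is extracted when they are imported.
        if not name.endswith(".egg") or os.path.isdir(path):
            continue
        if not zipfile.is_zipfile(path):
            findings[name] = "not a directory and not a valid zip"
            continue
        with zipfile.ZipFile(path) as zf:
            members = zf.namelist()
        native = [m for m in members if m.endswith(NATIVE_SUFFIXES)]
        if native:
            findings[name] = "native module needs extraction: " + native[0]
        elif "EGG-INFO/not-zip-safe" in members:
            findings[name] = "flagged not-zip-safe"
        else:
            findings[name] = "zipped; resource access may trigger extraction"
    return findings

def build_sample(eggs_dir):
    """Create constructed eggs (made-up names) covering each case."""
    def zipped(name, members):
        with zipfile.ZipFile(os.path.join(eggs_dir, name), "w") as zf:
            for member in members:
                zf.writestr(member, "")
    zipped("pure-1.0-py2.4.egg", ["pure/__init__.py", "EGG-INFO/PKG-INFO"])
    zipped("speedups-1.0-py2.4.egg", ["speedups/_c.so", "EGG-INFO/PKG-INFO"])
    zipped("templates-1.0-py2.4.egg", ["templates/__init__.py", "EGG-INFO/not-zip-safe"])
    os.makedirs(os.path.join(eggs_dir, "unpacked-1.0-py2.4.egg", "EGG-INFO"))

def demo():
    """Audit the constructed sample and return the findings."""
    with tempfile.TemporaryDirectory() as eggs_dir:
        build_sample(eggs_dir)
        return audit_eggs(eggs_dir)

if __name__ == "__main__":
    for egg, reason in demo().items():
        print(egg + ": " + reason)
```

An empty result from audit_eggs on a real eggs directory means every egg is already a directory, so the server account needs no write access for egg extraction.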