[Python-modules-team] Bug#725847: python-pip: DoS by other users on the same system

Donald Stufft donald at stufft.io
Sun Nov 23 03:15:53 UTC 2014

Just a FYI, I back ported this fix to 1.5.6 which should apply pretty easily to
the version of pip in testing and unstable. Essentially it will use a random
and securely created build directory in most every situation except the one
that relies on having a predictable build directory.

The patch is here: https://bpaste.net/show/05df2f100c93

I'm not sure what (if anything) I can do to help get this issue fixed other
than provide that patch.

Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA

More information about the Python-modules-team mailing list