Re: /usr/local is loved by Debian Python people?



On Tue, 2009-03-02 at 10:00 -0500, Yaroslav Halchenko wrote:
> > It is a PITA for development but ...
> hm... sorry, but I don't see the actual point...

It's actually quite easy for someone in the 'staff' group to get root
privileges ... I told security@debian.org on Sunday exactly how and
exactly how to fix it but no-one got back to me about whether they care.
It also requires some social engineering but nothing that would be
suspicious.

Anyhow, I'm writing stuff to do sysadmin so for me that's the point.
Because /usr/local comes first in the default perl and python paths the
'staff' group is automatically trusted ... and I'm not so trusting.

-- 
--gh
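
A defender-side check for the condition described in the message above, as an added example that is not part of the original post: it walks a module search path and reports entries that a group member or any user could write to, including entries that do not exist yet but could be created under a writable ancestor. The function names and the temporary directory layout in `demo()` are constructed for illustration.

```python
import os
import stat
import sys
import tempfile

def nearest_existing(path):
    """Return path itself, or its closest ancestor that exists."""
    path = os.path.abspath(path)
    while not os.path.exists(path):
        parent = os.path.dirname(path)
        if parent == path:
            break
        path = parent
    return path

def audit_search_path(entries):
    """Return (position, entry, checked_dir, gid, reason) per writable entry."""
    findings = []
    for pos, entry in enumerate(entries):
        entry = entry or os.getcwd()   # '' in sys.path means the current directory
        if os.path.isfile(entry):      # zip archives and the like: not checked here
            continue
        target = nearest_existing(entry)
        st = os.stat(target)
        if not stat.S_ISDIR(st.st_mode):
            continue
        if st.st_mode & stat.S_IWOTH:
            reason = "world-writable"
        elif st.st_mode & stat.S_IWGRP:
            reason = "group-writable"
        else:
            continue
        findings.append((pos, entry, target, st.st_gid, reason))
    return findings

def demo():
    """Constructed layout: a group-writable dir listed ahead of a 755 dir."""
    root = tempfile.mkdtemp()
    local = os.path.join(root, "local-site")    # stands in for a /usr/local entry
    system = os.path.join(root, "system-site")  # stands in for a root-only entry
    for path, mode in ((local, 0o775), (system, 0o755)):
        os.mkdir(path)
        os.chmod(path, mode)
    missing = os.path.join(local, "not-yet-created")
    return audit_search_path([local, system, missing])

if __name__ == "__main__":
    for pos, entry, target, gid, reason in audit_search_path(sys.path):
        print(f"sys.path[{pos}] {entry}: {target} is {reason} (gid {gid})")
```

Run under the interpreter that root's scripts use; a low position number on a flagged entry means modules placed there are found before later path entries.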


