%ghost .pyo

Toshio Kuratomi toshio at tiki-lounge.com
Wed Dec 22 19:59:52 UTC 2004 

On Thu, Dec 23, 2004 at 01:21:14AM +0800, Jeff Pitman wrote:
> On Thursday 23 December 2004 00:43, Toshio Kuratomi wrote:
> > If you have set up root to do something nonstandard like running
> > python in optimized byte comilation mode is the onus also on you to
> > create the pyos so you can create tripwire hashes?  (Or set /usr ro
> > or [untested] an SELinux context to keep pyo's from being written?)
> 
> rpmlint comes to mind as "something nonstandard".  If you so happen to 
> run it has root, of course.  To truly be FHS-compliant, yes, the burden 
> is on an integrator or user to keep Python from writing to /usr.  From 
> FHS v2.3:

The non-standard was setting root to create optimized byte compiled files.  If
root isn't configured to do that, python won't attempt to create optimized
byte compiled files.

> """
> /usr is the second major section of the filesystem. /usr is shareable, 
> read-only data. That means that /usr should be shareable between 
> various FHS-compliant hosts and must not be written to. Any information 
> that is host-specific or varies with time is stored elsewhere.
> """
> 
So the letter specifies that python should not write to /usr.  OTOH, the
reason given is so /usr can be shared, read-only data.  Since python
doesn't care if it writes the byte compiled files (and will run fine if it
doesn't create them), I claim it's not a violation of the spirit of the FHS.

> Technically pyo, when auto-generated by Python during execution, should 
> be written under /var.  One could then create a system to allow 
> user-executed pythons to generate pyo for each other based on group 
> permissions.  This would be especially cool if pyo actually provided a 
> significant optimization besides a minor startup boost.
> 
Conceptually, pyc/pyo files aren't /var fodder.  Maybe they belong in /srv.
(They aren't cache files like /var/man/catman... they're on the fly compiled
executables/libraries.)

I can foresee potential security issues with pyo's generated from
user-python instances being shared with other people on the system.  These
aren't just data files, they're exectuable content.  This might be
solvable but it has a lot of implications.

> Since Python is cross-platform, moving things around like that would be 
> too platform specific and most likely rejected.  Interestingly enough a 
> related RFE was filed a few years back:
> http://sourceforge.net/tracker/index.php?func=detail&aid=588756&group_id=5470&atid=355470
> 
Aye!  There's the rub!

> So, to %ghost or not to %ghost, that is the question! 
>
I favor ghosting.  But I don't run Tripwire....

-Toshio

More information about the fedora-devel-list mailing list