On Apr 27, 2017, at 2:32 AM, Nick Coghlan <ncoghlan(a)gmail.com>
wrote:
Debian and derivatives already mitigate the potential harm for these
cases by requiring the "--install-layout=deb" option to be passed to
get distutils to install into the system directories rather than doing
it by default:
https://wiki.debian.org/Python#Deviations_from_upstream
<
https://wiki.debian.org/Python#Deviations_from_upstream>
Their approach means that any harm caused by "sudo pip install X" can
subsequently be fully reversed by doing "sudo pip uninstall X".
For whatever it’s worth, at some point in time I plan on attempting to formalize the
Debian solution (or something akin to it) within a PEP and try to get baked in support for
it in Python.
I also feel required to point out that ``sudo pip uninstall`` isn’t always enough, because
while the two systems install to different locations, pip currently will uninstall the
files in /usr when installing to /usr/local. They’ve patched their copy of pip to refuse
to uninstall files from /usr, but upstream pip will still do it. Again, something I hope
to get sorted at some point (and of course, an upgrade totally restores the files in
/usr).
—
Donald Stufft