Reword UserWarning for insecure extraction path so that the message can be keyed for ignoring it. Ref #1899.

author: Jason R. Coombs <jaraco@jaraco.com> 2020-03-07 17:23:01 -0500
committer: Jason R. Coombs <jaraco@jaraco.com> 2020-03-07 17:23:01 -0500
commit: 35cdda926151d52963baf32e0770f2d5f16e5dfd (patch)
tree: e677766a4b4852a57b9ea7f2b5e739eafa7cbfae /pkg_resources/__init__.py
parent: 85df5f7766f9ba4f0d238298d0d57e86fad8fe80 (diff)
download: python-setuptools-git-35cdda926151d52963baf32e0770f2d5f16e5dfd.tar.gz
1 files changed, 6 insertions, 5 deletions
diff --git a/pkg_resources/__init__.py b/pkg_resources/__init__.py
index 75563f95..88d4bdca 100644
--- a/pkg_resources/__init__.py
+++ b/pkg_resources/__init__.py
@@ -1235,12 +1235,13 @@ class ResourceManager:
         mode = os.stat(path).st_mode
         if mode & stat.S_IWOTH or mode & stat.S_IWGRP:
             msg = (
-                "%s is writable by group/others and vulnerable to attack "
-                "when "
-                "used with get_resource_filename. Consider a more secure "
+                "Extraction path is writable by group/others "
+                "and vulnerable to attack when "
+                "used with get_resource_filename ({path}). "
+                "Consider a more secure "
                 "location (set with .set_extraction_path or the "
-                "PYTHON_EGG_CACHE environment variable)." % path
-            )
+                "PYTHON_EGG_CACHE environment variable)."
+            ).format(**locals())
             warnings.warn(msg, UserWarning)
 
     def postprocess(self, tempname, filename):
author	Jason R. Coombs <jaraco@jaraco.com>	2020-03-07 17:23:01 -0500
committer	Jason R. Coombs <jaraco@jaraco.com>	2020-03-07 17:23:01 -0500
commit	35cdda926151d52963baf32e0770f2d5f16e5dfd (patch)
tree	e677766a4b4852a57b9ea7f2b5e739eafa7cbfae /pkg_resources/__init__.py
parent	85df5f7766f9ba4f0d238298d0d57e86fad8fe80 (diff)
download	python-setuptools-git-35cdda926151d52963baf32e0770f2d5f16e5dfd.tar.gz