当我尝试对basic requirements package for django执行pip install requirements.txt
时,会运行以下恶意软件:
Collecting requirements.txt
Using cached requirements_txt-1.1.1-py2.py3-none-any.whl
Collecting ztz (from requirements.txt)
Using cached ztz-0.1.1.tar.gz
Installing collected packages: ztz, requirements.txt
Running setup.py install for ztz ... error
Complete output from command /Users/[user redacted]/inventory-barcode/inventoryenv/bin/python3 -u -c "import setuptools, tokenize;__file__='/private/var/folders/q9/124ns0sn68d1gkhlps1t60s80000gn/T/pip-build-nrl9xijr/ztz/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /var/folders/q9/124ns0sn68d1gkhlps1t60s80000gn/T/pip-zthn0_6m-record/install-record.txt --single-version-externally-managed --compile --install-headers /Users/[user redacted]/inventory-barcode/inventoryenv/include/site/python3.6/ztz:
running install
[+] It looks like you try to install ztz without checking it.
[-] is that alright?
[*] Please visit http://evilpackage.fatezero.org/
[/] Aborting installation.
----------------------------------------
据推测,package的目的是向人们展示安装错别字软件包的危险,但这是令人讨厌和不受欢迎的,而且应该把用户信息放到网上公开羞辱。我如何才能摆脱它,防止它劫持皮普?你知道吗
目前没有回答
相关问题 更多 >
编程相关推荐