[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Dowloading package dependencies from locked down machine


On Mon, Jul 27, 2020 at 6:46 PM Andrew McLean <lists at> wrote:
> On 26/07/2020 14:07, Mike Dewhirst wrote:
> > I think your best bet is to make a formal business case to your IT
> > people and explain what's in it for them. If they hold all the cards
> > you defeat them at your peril.
> The issue is that the IT department thinks that installing the full
> power of Python scripting on an Internet facing machine is inconsistent
> with the "Cyber Essentials Plus" accreditiation that they need to win
> Government contracts. I'm trying to come up with an alternative that
> would be acceptable to them, I'm not going behind their backs.
> I wonder, would it be possible to create a standalone executable version
> of pip with py2exe or similar?

Coming from experience working with the Government Contractor first hand,
they have to have an approved list of software people can work with.

Ask to provide that list.
Now such a list is provided by the Security Office and it does not
come from the IT department.

You can actually go and check this list yourself. Check with your company

I can assure you python will definitely be on that list.
Its possible that some python modules may not be there but the
language/interpreter will.

Thank you.

> - Andrew
> --