id	summary	reporter	owner	description	type	status	priority	component	severity	resolution	keywords	cc
177	Secirity risk: easy_install reads a wiki page to get tarball path	upadhyay@…	xi	"This is a *huge* security risk. Anyone can modify the wiki page: http://pyyaml.org/wiki/PyYAML, adding a malicious tarball location, that will be downloaded by easy_install and run as root on everyone who tries to install PyYAML. 

At the very least please make the wiki page editable by only few people. Or make the pypi download location point to something more ""reliable"". "	defect	closed	highest	pyyaml	blocker	fixed