
Notice: this page is a Chinese-English side-by-side translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. If you use or share it you must follow the same license, cite the original address and attribute it to the original authors (not me). StackOverflow original: http://stackoverflow.com/questions/21055859/

Date: 2020-08-18 21:56:09  Source: igfitidea

What are the risks of running 'sudo pip'?

Tags: python, security, pip, sudo

Asked by orome

Occasionally I run into comments or responses that state emphatically that running pip under sudo is "wrong" or "bad", but there are cases (including the way I have a bunch of tools set up) where it is either much simpler, or even necessary to run it that way.


What are the risks associated with running pip under sudo?




Note that this is not the same question as this one, which, despite the title, provides no information about risks. This also isn't a question about how to avoid using sudo, but about specifically why one would want to.


Accepted answer by EkriirkE

When you run pip with sudo, you run setup.py with sudo. In other words, you run arbitrary Python code from the Internet as root. If someone puts up a malicious project on PyPI and you install it, you give an attacker root access to your machine. Prior to some recent fixes to pip and PyPI, an attacker could also run a man in the middle attack to inject their code when you download a trustworthy project.


Answer by EkriirkE

The only thing "wrong" with sudo is that it, well, DOes as Super User a la root, meaning you can potentially destroy an installation with the wrong command. As PIP is a package maintenance for a particular program you would need such access anyhow to make changes...


Answer by Cilyan

Using pip that way means you trust it to the level you allow it to make anything to your system. Not only pip, but also any code it will download and execute from sources you may not trust and that can be malicious.


And pip doesn't need all those privileges, only write access to specific files and directories. If you can't use your system's package manager and do not want to go the virtual environment way, you may create a specific user that has write privilege to the python installation directory and use it for pip. That way you better control what pip can and cannot do. And you can use sudo -u for that!

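As an added example (not code from any of the StackOverflow answers above), the following Python script makes two of the points concrete: the accepted answer's point that a source distribution's setup.py is executed by whatever user runs pip, and Cilyan's point that pip only needs write access to specific directories. It checks whether the current interpreter's install directories are writable without elevation, and inspects an sdist archive for install-time hook files. The function names (classify_install, sdist_runs_code, make_sdist) and the sample archive are constructed here; the archive is not a real package.

```python
import io
import os
import sysconfig
import tarfile
import zipfile

# Files in a source distribution whose presence means pip runs the project's
# own Python at install time, as whatever user invoked pip (root under sudo).
SETUP_HOOKS = ("setup.py",)


def nearest_existing(path):
    """Walk up until an existing ancestor is found (the target dir may not exist yet)."""
    while not os.path.exists(path):
        parent = os.path.dirname(path)
        if parent == path:
            break
        path = parent
    return path


def is_writable(path):
    return os.access(nearest_existing(path), os.W_OK)


def classify_install(target_dirs, euid, writable=is_writable):
    """Decide whether an install into target_dirs needs elevation.

    target_dirs: directories pip would write to (purelib, scripts, ...)
    euid: effective uid the install would run as
    writable: predicate used for the write check (injectable for testing)
    Returns (verdict, advice).
    """
    if euid == 0:
        return ("root", "running as root: any setup.py in the package executes as root; "
                        "prefer the distro package manager, 'pip install --user', or a venv")
    unwritable = [d for d in target_dirs if not writable(d)]
    if not unwritable:
        return ("unprivileged", "target dirs are writable; no sudo needed")
    return ("needs-write-access",
            "not writable: %s; use 'pip install --user', a venv, or a dedicated "
            "account that owns these dirs (sudo -u <account>) instead of root"
            % ", ".join(unwritable))


def current_install_targets():
    """Directories pip would write into for this interpreter."""
    p = sysconfig.get_paths()
    return [p["purelib"], p["scripts"]]


def sdist_runs_code(archive_bytes):
    """Return the install-time hook files found in an sdist (.tar.gz or .zip).

    Non-empty means installing this sdist executes the project's own setup
    script. Empty does not mean no code runs: the build backend still does.
    """
    hooks = []
    buf = io.BytesIO(archive_bytes)
    if zipfile.is_zipfile(buf):
        buf.seek(0)
        names = zipfile.ZipFile(buf).namelist()
    else:
        buf.seek(0)
        with tarfile.open(fileobj=buf, mode="r:*") as tf:
            names = tf.getnames()
    for name in names:
        parts = name.split("/")
        # sdist layout is "<pkg>-<version>/..."; the hook lives directly under that dir
        if len(parts) == 2 and parts[1] in SETUP_HOOKS:
            hooks.append(name)
    return hooks


def make_sdist(files):
    """Build a minimal in-memory .tar.gz sdist (constructed sample, not a real package)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for name, content in files.items():
            data = content.encode()
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


if __name__ == "__main__":
    euid = getattr(os, "geteuid", lambda: -1)()
    verdict, advice = classify_install(current_install_targets(), euid)
    print(verdict, "-", advice)
    sample = make_sdist({"demo-1.0/setup.py": "from setuptools import setup\nsetup(name='demo')\n",
                         "demo-1.0/PKG-INFO": "Name: demo\n"})
    print("install-time hooks:", sdist_runs_code(sample))
```

Run it as a normal user to see where pip would need write access for the interpreter it runs under. To inspect a real sdist before installing, `pip download --no-deps --no-binary :all: <name>` fetches the archive without running it; the hook check then tells you whether the project's own setup script will execute, but an sdist with only pyproject.toml still runs its declared build backend, so the check narrows the question rather than settling it.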

Answer by Piotr Dobrogost

Besides obvious security risks (which I think are in fact low when you install software you know) brought in other answers there is another reason. Python that comes with the system is part of this system and when you want to manage system you use tools designated for system maintenance like package manager in case of installing/upgrading/uninstalling software. When you start to modify system's software with third party tools (pip in this instance) then you have no guarantee about the state of your system. Yet another reason is that sudo can bring you problems you wouldn't have a chance or have a very small chance to have otherwise. See for example Mismatch between sys.executable and sys.version in Python


Distros are aware of this problem and try to mitigate it. For example Fedora – Making sudo pip safe and Debian – dist-packages instead of site-packages.
