Python prog needs root -how to do this securely

Discussion in 'Python' started by John D., Aug 25, 2003.

  1. John D.

    John D. Guest

    I have a Python program which runs as user 'www' (it's a CGI).
    It needs root privilege to write a particular file.
    What's the best way of doing this while remaining secure?

    Right now I do os.system("sudo myutil parms") and pass the parms to it.
    I remove : < > & | from the parm string before passing it.
    Is there a way to do this without making a system call?
    i.e.
    gimme_root()
    my code...
    drop_root()
    John D., Aug 25, 2003
    #1
    1. Advertising

  2. John D. <> wrote:
    > I have a Python program which runs as user 'www' (it's a CGI).
    > It needs root privilege to write a particular file.
    > What's the best way of doing this while remaining secure?
    >
    > Right now I do os.system("sudo myutil parms") and pass the parms to it.
    > I remove : < > & | from the parm string before passing it.
    > Is there a way to do this without making a system call?


    With your approach you have to be aware that users on the system will probably
    be able to view the parameters your are passing to myutil. Whether this is a
    problem depends on your particular setup.

    One alternative would be to make nobody, apache, etc. (which ever your apache
    server runs under) the group owners of the file and give the apache group
    write permissions to the file. This may not be feasible for your setup.

    --
    ----------------------------------------------------------------------------
    Suchandra Thapa

    ----------------------------------------------------------------------------
    Suchandra Thapa, Sep 4, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Boris Zakharin

    Securely logging onto an SQL server

    Boris Zakharin, Jul 30, 2003, in forum: ASP .Net
    Replies:
    2
    Views:
    349
    Boris Zakharin
    Jul 30, 2003
  2. Doruk
    Replies:
    4
    Views:
    482
    Polux
    Nov 14, 2003
  3. Bart Nessux

    securely overwrite files with Python

    Bart Nessux, Mar 5, 2004, in forum: Python
    Replies:
    11
    Views:
    1,465
    Mathias Waack
    Mar 6, 2004
  4. -intl.com
    Replies:
    1
    Views:
    358
    Martin Gregorie
    Oct 22, 2006
  5. xkenneth
    Replies:
    6
    Views:
    831
    Ben Finney
    Dec 11, 2007
Loading...

Share This Page