SUGGEST: os.getuser()
Thomas Wouters
thomas at xs4all.net
Fri Jan 21 11:36:51 EST 2000
On Fri, Jan 21, 2000 at 05:04:32PM +0100, Gerrit Holl wrote:
> So getpwuid() is never safe? But in my program, I *also* need the
> comment field. So if there are multiple uids the same, I can't get
> the full name?
If you're paranoid about the USER environment variable, but you do not want
trouble with multiple usernames with the same userid, do it the other way
'round: get the pwentry for USER, check the uid, and if they're the same,
use the GECOS field of that entry. If it's not the same, get the first entry
for the uid, and use that GECOS field.
Or use filter(lambda x: x[3] == uid, pwd.getpwall()) or some such to get a
list of alternatives and give the user a choice ;)
> a-sysop-letting-multiple-identical-uids-be-in-/etc/passwd-
> -is-very-paranoid-anyway-ly yours,
It doesn't have much to do with being paranoid. It doesn't provide more
security (actually, it provides _less_ security. The same uid, but an extra
password, an extra homedirectory to put .rhosts and .netrc's in, etc.) But it
definately has it's uses -- when you trust someone enough to use a specific
account, but you do not want to give the person the password for other
reasons, for instance.
--
Thomas Wouters <thomas at xs4all.net>
Hi! I'm a .signature virus! copy me into your .signature file to help me spread!
More information about the Python-list
mailing list