urllib/ftpwrapper

Kent Polk kent at tiamat.goathill.org
Fri May 26 13:24:59 EDT 2000


On Thu, 25 May 2000 17:06:24 +0200, Johannes Stezenbach wrote:
>Michael Ströder <michael at stroeder.com> wrote:
>>In one of my projects I'm using the SocketServer.ThreadingMixIn to
>>drive a multi-threaded HTTP server. For binding to a privileged port
>>my naive approach was to do all the initialization stuff as root and
>>do a setuid(wwwrun) just before calling method serve_forever() of
>>the server class. Works just fine.
>>
>>Does anybody see any security problems with that approach?
>
>You may also want to call setgid() before setuid().
>The general rule is to do as little work as possible using
>root privileges and drop them ASAP (least privilege principle).

Sam Rushing contacted me with a test patch. I tried it and it
worked. Hopefully he'll have an integrated solution RSN.
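The ordering advice quoted above (setgid() before setuid(), and dropping root as soon as the port is bound), as an added example that is not part of the original message or any poster's code. It assumes Python 3 on a Unix system; `drop_privileges`, `FakeOS` and the `osmod` parameter are hypothetical names, clearing supplementary groups with setgroups() goes beyond what the thread mentions, and `wwwrun` is the account named in the quoted question.

```python
import os
import pwd
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer


def drop_privileges(uid, gid, osmod=os):
    """Permanently drop from root to uid/gid; returns False if not root."""
    if uid == 0 or gid == 0:
        raise ValueError("target uid/gid must be unprivileged")
    if osmod.getuid() != 0:
        return False
    osmod.setgroups([])   # shed root's supplementary groups (added assumption)
    osmod.setgid(gid)     # group before user: this call still needs root
    osmod.setuid(uid)     # as root this sets real, effective and saved uid
    try:
        osmod.setuid(0)   # must fail now, otherwise the drop was not permanent
    except OSError:
        return True
    raise RuntimeError("root could be regained after setuid()")


class FakeOS:
    """Constructed stand-in for os, so the call order can be tried without root."""
    def __init__(self):
        self.uid, self.gid, self.groups, self.calls = 0, 0, [0], []
    def getuid(self):
        return self.uid
    def setgroups(self, groups):
        self.need_root("setgroups")
        self.groups = list(groups)
    def setgid(self, gid):
        self.need_root("setgid")
        self.gid = gid
    def setuid(self, uid):
        self.need_root("setuid")
        self.uid = uid
    def need_root(self, name):
        self.calls.append(name)
        if self.uid != 0:
            raise PermissionError(name)


if __name__ == "__main__":
    # The constructor binds port 80 while still root; drop before serving.
    httpd = ThreadingHTTPServer(("", 80), BaseHTTPRequestHandler)
    account = pwd.getpwnam("wwwrun")
    drop_privileges(account.pw_uid, account.pw_gid)
    httpd.serve_forever()
```

Calling `setuid()` first on a `FakeOS` instance and then `setgid()` raises `PermissionError`, which is the failure the quoted ordering advice avoids.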



