Root access with python
Steve Holden
sholden at holdenweb.com
Tue Mar 26 15:03:36 EST 2002
"Andy Gimblett" <gimbo at ftech.net> wrote in message
news:mailman.1017071438.28406.python-list at python.org...
> On Mon, Mar 25, 2002 at 12:38:55PM -0300, Gustavo Niemeyer wrote:
>
> > You have several options to do this, and all of them involve setting the
> > setuid bit in some executable. OTOH, setting setuid bit on scripts
> > usually doesn't work. If that's your case, you'll have to freeze your
> > script into a native executable, or build some kind of wrapper. Google
> > for "setuid bit scripts" for more information.
>
> As a general solution to this kind of problem, sudo is excellent,
> though it might be overkill for this particular case.
>
The problem is that sudo also required you to authenticate yourself
periodically, albeit as an ordinary user rather than root. I suppose there
may be an option to not require authentication, but any such device is
theoretically dangerous.
As far as setuid scripts goes, just say no. There are far too many security
holes in almost every Unix to think that it's safe to use setuid scripts.
regards
Steve
More information about the Python-list
mailing list