Getting SuperUser Authority From Within Running Python Program
throwaway at mit.edu
throwaway at mit.edu
Sun Jan 26 11:10:23 EST 2003
> I am curious about one thing you said - that setuid is ok for selected
> (compiled) programs but not scripts. If the script has appropriate
> limitations on who can modify it, why is setuid/setgid worse for
> scripts than compiled programs?
check out these explanations:
http://www.ee.byu.edu/unix-faq/subsubsection3_6_6_5.html
http://www.ee.byu.edu/unix-faq/subsubsection3_6_6_6.html
http://mail-index.netbsd.org/netbsd-help/1996/07/03/0001.html
it is possible to start a script from a setuid C stub. see
Misc/setuid-prog.c in the python source distribution for an example. i
can't see what privileged operations you would want a file browser to
perform, though. what business do non-root users have manipulating
root-owned files?
alex.
More information about the Python-list
mailing list