Securing the Pyton Interpreter?
Vinoo Vasudevan
ee01b092 at ee.iitm.ernet.in
Wed Jul 16 23:53:18 EDT 2003
Stephen VanDahm <usenet at fomps.net> wrote in message news:<slrnbh7q3f.kiv.usenet at norge.freeshell.org>...
> I'm looking for a way to install Python on a UNIX machine in a way such
> that any user on the system can use it, but only to execute scripts that
> are located in a certain directory. I do not have root access on the
> machine that will be running Python, so my options are limited. I thought
> about hacking the Python interpreter itself so that it will examine the
> argument array and exit with an error if the script to be executed isn't
> in the appropriate directory, but this seems pretty risky. The module
> 'site.py' is imported automatically upon initialization -- I've thought of
> adding the check there instead. I don't think either of these solutions
> are very elegant. Is there a better way?
>
> Thanks for your time,
>
> Steve VanDahm
> vandahm at norge.freeshell.org
Hi,
Hacking the interpreter seems like overkill. Why not just set up a
shell script containing the names of the allowed python scripts, and
execute it from there.
for example:
#!/usr/bin/sh
if "$1" in myscript1.py myscript2.py ....;
then
. /usr/bin/env python "$1"
else
echo "You can't execute that script."
fi
My shell scripting is a little rusty so there may be some errors, but
I hope you get the general idea.
Hope it's useful,
Vinoo
More information about the Python-list
mailing list