Running Python Scripts With 'sudo'

Jeff Epler jepler at unpythonic.net
Wed Mar 2 16:15:20 EST 2005


Does "sudo" sanitize the environment?  Imagine that the user can set
PYTHONPATH, PYTHONINSPECT, etc.

Beyond that, you have the same problems as with any code that runs with
"extra privileges".  Can the user supply any code that is fed to
patently unsafe primitives (like the unpickler, eval() or the exec
statement)?  If your program opens files with user-controlled names, did
you make all the right checks?

Jeff
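
An added example, not part of the message above: a check a privileged script can run to see whether a caller-set PYTHONPATH reaches a child interpreter, compared with launching under `-I` (isolated mode, Python 3.4 and later) or with a scrubbed environment. The function names and the temporary directory are constructed for illustration.

```python
import os
import subprocess
import sys
import tempfile

# PYTHONPATH and PYTHONINSPECT are named in the message; PYTHONSTARTUP and
# PYTHONHOME are other documented CPython variables read at startup.
RISKY_VARS = ("PYTHONPATH", "PYTHONINSPECT", "PYTHONSTARTUP", "PYTHONHOME")


def risky_python_env(environ):
    """Return the sorted names of interpreter-affecting variables that are set."""
    return sorted(name for name in RISKY_VARS if environ.get(name))


def scrubbed_env(environ):
    """Copy of environ with every PYTHON* variable removed."""
    return {k: v for k, v in environ.items() if not k.startswith("PYTHON")}


def child_sees_path(directory, env, flags=()):
    """Start a child interpreter and report whether directory is on its sys.path."""
    probe = "import sys; print(sys.argv[1] in sys.path)"
    out = subprocess.run(
        [sys.executable, *flags, "-c", probe, directory],
        env=env, stdin=subprocess.DEVNULL,
        capture_output=True, text=True, check=True,
    )
    return out.stdout.strip() == "True"


def demo():
    """Compare one caller-set PYTHONPATH under three launch modes."""
    with tempfile.TemporaryDirectory() as d:  # constructed stand-in for a user-writable dir
        d = os.path.realpath(d)
        caller_env = dict(os.environ, PYTHONPATH=d)  # what the invoking user controls
        return {
            "flagged": risky_python_env(caller_env),
            "inherited": child_sees_path(d, caller_env),
            "isolated": child_sees_path(d, caller_env, flags=("-I",)),
            "scrubbed": child_sees_path(d, scrubbed_env(caller_env)),
        }


if __name__ == "__main__":
    print(demo())
```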