Best way to gain root privileges
Terry Reedy
tjreedy at udel.edu
Thu Feb 17 12:45:27 EST 2011
On 2/17/2011 10:32 AM, GSO wrote:
>> I'm having a awfully hard time figuring out why a home CCTV
>> application might need privilege at all. Are you sure you really need
>> privilege? It sounds to me like there may be some larger design
>> issues mandating the need for privilege when it's not really
>> necessary.
>>
>
> A user login should only able to view the footage. It's important
> that a user login cannot delete any images/video. This much can be
> done with ACL - but having said that a user login would still be able
> to copy the images/video, so ACL would work but is not ideal - I could
> prevent copying with raised privileges. If I were to allow a user to
> archive footage without using an admin login then that would require
> ACL with write access, which is out of the question.
>
> If a camera loses its connection I think it's OK to let a user restart
> the camera without using gksu, but this would require raised
> privileges.
>
> There are other misc. points where I need write access. The directory
> where images are stored by the live feed can become 'messy' (for want
> of a better way of putting it), write access is needed to tidy it up
> before live camera images can be viewed,
Could restarts and cleanups be done with a root daemon separate from
user scripts?
FWIW, I recently read an article about how some internet-connected
cameras are much more accessible to the world than the owners probably
intended, even to the point, sometimes, of providing access to the
built-in gui control panel. So some thought seems appropriate in this
area ;-).
--
Terry Jan Reedy
More information about the Python-list
mailing list