Best way to gain root privileges

Terry Reedy tjreedy at udel.edu
Thu Feb 17 16:31:56 EST 2011 

On 2/17/2011 1:39 PM, Adam Skutt wrote:
> On Feb 17, 10:32 am, GSO<gso... at yahoo.co.uk>  wrote:
>>> I'm having a awfully hard time figuring out why a home CCTV
>>> application might need privilege at all.  Are you sure you really need
>>> privilege?  It sounds to me like there may be some larger design
>>> issues mandating the need for privilege when it's not really
>>> necessary.
>>
>> A user login should only able to view the footage.  It's important
>> that a user login cannot delete any images/video.  This much can be
>> done with ACL - but having said that a user login would still be able
>> to copy the images/video, so ACL would work but is not ideal - I could
>> prevent copying with raised privileges.
>
> No, you can't.  If I can read the data, I can copy the data.  How did
> you think you were going to prevent copying?  Remember that copying is
> just read()/write() in a loop.
>
>> If I were to allow a user to
>> archive footage without using an admin login then that would require
>> ACL with write access, which is out of the question.
>>
>> If a camera loses its connection I think it's OK to let a user restart
>> the camera without using gksu, but this would require raised
>> privileges.
>>
>> There are other misc. points where I need write access.  The directory
>> where images are stored by the live feed can become 'messy' (for want
>> of a better way of putting it), write access is needed to tidy it up
>> before live camera images can be viewed, it's not really appropriate
>> to use gksu here every time a user wants to view the live images.
>> Also (I don't know exactly how I'm going to do this yet) but I'm
>> thinking I might use the system log functions (syslogd) as part of a
>> scheme to ensure the integrity of saved footage and the archive.
>>
>
> As Terry suggests (and I fully concur), all of these issues are best
> solved by having a privileged daemon (though it may not need to be
> root or entirely root).

Come to think of it, I would first consider creating a 'cctv' user that 
owns the cameras and storage directories, and files and only do anything 
as root if absolutely necessary.

-- 
Terry Jan Reedy

More information about the Python-list mailing list