Python SUID
Ben Logan
ben at wblogan.net
Sat Jan 12 09:38:24 EST 2002
Hello,
You might want to have a look at sudo. It has the same effect as
setting the script suid, but is generally considered to be much safer.
Linux (and I assume other unices, but I'm not sure) will not allow a
shell script--and I think that applies to scripts in general--to be
suid because of the huge security risk.
OTOH, I think that you could make your wrapper script work by changing
the user to root inside the C program (I'm probably not saying that
correctly). I don't know how that's done (I don't know C), but I know
it can be, and is basically what sudo does.
Regards,
Ben
On Sat, Jan 12, 2002 at 01:09:46PM +0000, Florian Fredegar Haftmann wrote:
> Hi!
>
> I wanna make a python script run suid (for root); I tried to use a C
> wrapper:
>
> ------------------------------
> #define PATH "backup2disk.py"
>
> int main(argc, argv)
> int argc;
> char** argv;
> {
> execv(PATH, argv);
> }
> ------------------------------
>
> The files have the signature:
>
> -rwsr-xr-x root root backup2disk (the compiled wrapper)
> -rwxr-xr-x rppt root backup2disk.py (the python script)
>
>
> I can start the binary backup2disk, but the python script doesn't run suid.
>
> What's wrong?
>
> Thanks,
> FFH
>
> --
> http://mail.python.org/mailman/listinfo/python-list
>
--
Ben Logan: ben at wblogan dot net
OpenPGP Key KeyID: A1ADD1F0
Yinkel, n.:
A person who combs his hair over his bald spot, hoping no one
will notice.
-- Rich Hall, "Sniglets"
More information about the Python-list
mailing list