Getting SuperUser Authority From Within Running Python Program

Alex Martelli aleax at aleax.it
Sun Jan 26 16:39:40 CET 2003


Tim Daneliuk wrote:
   ...
> I am curious about one thing you said - that setuid is ok for selected
> (compiled) programs but not scripts.  If the script has appropriate
> limitations on who can modify it, why is setuid/setgid worse for
> scripts than compiled programs?

A good overview of Unix and Linux security issues is:

http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/

In particular, some of the specific issues with setuid scripts, and
why Linux simply ignores the setuid bit on scripts, are explained in:

http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/processes.html


Alex







More information about the Python-list mailing list