root password in a .py script

Bart Nessux bart_nessux at hotmail.com
Fri Mar 12 20:11:53 CET 2004


Dave Brueck wrote:
> What is it that this script is doing? How is it getting invoked? And if it's
> being invoked by a non-root user, why should that user be allowed to do
> something that requires root privileges? Is there any reason why you simply
> don't run the script as root?

The script is setting the root password. It is running as root, by root 
as a daily cron job. It does three things:

1. Set root password to XXXXXXXXX
2. Make certain ssh is enabled on the machine, if not enable it.
3. Email the machine's IP to the admins

Root is the owner of the script... it's perms are 700

Why am I doing this? Because users turn off ssh and change the root 
password. Mac OSX allows "administrative" users to do this. This script 
undoes their changes.

> P.S. If you're going to automatically run the script on 200 machines, and
> you're putting the root password inside the script, does that imply that you
> have a network of 200 machines that all have the same root password?

Yes.




More information about the Python-list mailing list