Embedding a restricted python interpreter

Peter Maas peter at somewhere.com
Fri Jan 7 08:12:19 EST 2005


Paul Rubin schrieb:
>>Best solution would probably be to create
>>a thread for each request that can operate only with the id of an
>>authenticated user. But this seems to be a problem with Apache or
>>with Linux?
> 
> 
> Threads wouldn't do it--you'd need separate processes.  For example,
> multiple threads in the same process can access each other's file
> descriptors.  

You are probably talking about Unix-like systems. I googled for that
and found that on Windows threads inherit the security context of
their parent processes but can impersonate as another user after
being created. So it seems to be an OS issue.

-- 
-------------------------------------------------------------------
Peter Maas,  M+R Infosysteme,  D-52070 Aachen,  Tel +49-241-93878-0
E-mail 'cGV0ZXIubWFhc0BtcGx1c3IuZGU=\n'.decode('base64')
-------------------------------------------------------------------



More information about the Python-list mailing list