Impersonate another user temporarily (Unix and Windows)

billiejoex gnewsg at gmail.com
Thu Aug 23 23:57:25 CEST 2007


On 23 Ago, 23:20, Steve Holden <st... at holdenweb.com> wrote:
> billiejoex wrote:
> > On 23 Ago, 13:13, "Chris Mellon" <arka... at gmail.com> wrote:
> [...]
> >> Note that running your process as a user with enough priviledges to
> >> impersonate another user pretty much eliminates all the benefits of
> >> running as a low-priviledged user in the first place. Consider
> >> re-thinking your application model and having an "ftp" user instead.- Nascondi testo tra virgolette -
>
> >> - Mostra testo tra virgolette -
>
> > Could you be more precise?
> > Why it's not a good idea?
> > I was thinking of starting ftpd as limited user ('nobody'/'ftp' on
> > unix, 'Guest' on Windows), then temporary switching to another user
> > when I got to perform actions on file system.
> > Maybe you're saying that as limited user I can't do such switching?
>
> That's exactly what he's saying.
>
> regards
>   Steve
> --
> Steve Holden        +1 571 484 6266   +1 800 494 3119
> Holden Web LLC/Ltd          http://www.holdenweb.com
> Skype: holdenweb      http://del.icio.us/steve.holden
> --------------- Asciimercial ------------------
> Get on the web: Blog, lens and tag the Internet
> Many services currently offer free registration
> ----------- Thank You for Reading -------------- Nascondi testo tra virgolette -
>
> - Mostra testo tra virgolette -

Uhm... I'm confused.
Which kind of aproach is generally adopted in such cases?




More information about the Python-list mailing list