Best way to gain root privileges

Adam Skutt askutt at gmail.com
Thu Feb 17 03:59:58 CET 2011


On Feb 16, 9:00 pm, Dan Stromberg <drsali... at gmail.com> wrote:
> So yeah, whether you use perl or anything else invoked with #!, you're
> pretty much better off with sudo, or a tiny C wrapper that's so simple
> it's hard to get wrong.

UNIX makes this almost impossible unless your wrapper is cooperative
with whatever process invokes it, which is itself a security risk.  I
advise anyone seriously considering this route to take a long, hard
look at just what contortions sudo goes through in order to achieve
this safety.  A correct suid program is neither tiny nor simple.

Passing things through sudo(1) is really the only sensible route these
days but even that can be fraught with peril.  For something as simple
as, 'Write to a normally restricted area' it's probably no more secure
than an ACL (and potentially way less if you screw up the sudo
configuration).

> However, perl's taint feature would be useful
> irrespective when writing privileged code; it removes some of the
> skill required.

I don't really think so.  It doesn't help prevent, for example,
someone redirecting stdout to /etc/shadow and then running your
command.  Besides, I'm not even remotely convinced that 'removing
skill' is a good idea.

It especially doesn't help you very much when the whole point of your
script is just a wrapper to elevate privileges (execute another
program) or copy files about.

Adam
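
The stdout redirection case raised in the message concerns descriptors the process inherits rather than data it reads. As an added example (not part of the original message), a privileged Python script could audit fds 0-2 with fstat before writing anything; the ownership policy and the function names are assumptions made for this illustration.

```python
import os
import stat


def fd_problem(fd, real_uid):
    """Return a reason string if inherited descriptor `fd` looks unsafe, else None.

    Assumed policy (not from the message): the descriptor must be open, and if
    it is a regular file or block device it must be owned by the invoking user.
    """
    try:
        st = os.fstat(fd)
    except OSError:
        # The next open() would reuse this number, so a later write to fd 1/2
        # (e.g. by a child process) could land in a file the program opened.
        return "closed"
    mode = st.st_mode
    if (stat.S_ISREG(mode) or stat.S_ISBLK(mode)) and st.st_uid != real_uid:
        return "file or device owned by uid %d, not invoking uid %d" % (
            st.st_uid, real_uid)
    # Terminals, pipes and sockets are accepted under this policy.
    return None


def audit_std_fds(real_uid=None, fds=(0, 1, 2)):
    """Map each problematic descriptor number to the reason it was rejected."""
    if real_uid is None:
        real_uid = os.getuid()  # real uid: the user who invoked the program
    problems = {}
    for fd in fds:
        reason = fd_problem(fd, real_uid)
        if reason:
            problems[fd] = reason
    return problems


if __name__ == "__main__":
    if audit_std_fds():
        # Signal failure through the exit status only: stderr itself may be
        # one of the descriptors that failed the check.
        raise SystemExit(1)
```

The check has to run before the script opens any file of its own, and it complements, rather than replaces, a tight sudo configuration.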


