Best way to gain root privileges
GSO
gsowww at yahoo.co.uk
Thu Feb 17 16:54:33 EST 2011
>
> Could restarts and cleanups be done with a root daemon separate from user
> scripts?
>
I like the idea of a user creating a login as you do typically with
client/server progs, no need to have the root password all the time:
http://www.python.org/dev/peps/pep-3143/
http://pypi.python.org/pypi/python-daemon
http://docs.python.org/library/multiprocessing.html#module-multiprocessing
http://docs.python.org/library/socket.html
> FWIW, I recently read an article about how some internet-connected cameras
> are much more accessible to the world than the owners probably intended,
> even to the point, sometimes, of providing access to the built-in gui
> control panel. So some thought seems appropriate in this area ;-).
I'd like to read that article. My experience of wifi is that if you
are not using the latest encryption standards then it will be hacked
quite quickly. Otherwise if the product is cheap then I think you
need to take a good look at the software running on it. I wouldn't
put any CCTV anywhere near an Internet connected Windows machine (not
unless someone at least in the first instance can tell me how to
install the security updates without getting hacked first!). I've
been looking at this type of (wired) product myself http://j.mp/gLycNf
(the starting point for supported devices is here
http://linuxtv.org/wiki/index.php/Hardware_Device_Information ).
At the end of the day it's a dodgy business connecting any home CCTV
to a network - I'll fork out on a dedicated system if I need to
essentially, but Redhat 6 'seems' (I'm sure I'd soon know if it
wasn't) secure, and so it's not a priority (they are expensive).
Computers are hacked in 2 ways, local crime will prefer to intrude and
get direct access to the keyboard, but if you have your home CCTV
installed then that does quite effectively keep them out, so the CCTV
software keeps itself secure. As to hacking over the Internet, I've
found on a security hardened Redhat install, it seems the browser
(don't run flash - use a kiosk login for this, e.g., xguest
http://j.mp/eGKL19 ) can still be hacked and with hacking of the
computer's memory following possibly also, but nothing that has got
through to the core of the operating system as yet, so the CCTV
software (I hope! you usually can tell) is safe -- I've just reminded
myself to put the browser in a virtual machine at some point :)
More information about the Python-list
mailing list