472,352 Members | 1,562 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

home > topics > python > questions > python prog needs root -how to do this securely

Join Bytes to post your question to a community of 472,352 software developers and data experts.

Python prog needs root -how to do this securely

I have a Python program which runs as user 'www' (it's a CGI).
It needs root privilege to write a particular file.
What's the best way of doing this while remaining secure?

Right now I do os.system("sudo myutil parms") and pass the parms to it.
I remove : < > & | from the parm string before passing it.
Is there a way to do this without making a system call?
i.e.
gimme_root()
my code...
drop_root()


Jul 18 '05 #1
1 1348
John D. <li***@webcrunchers.com> wrote:
I have a Python program which runs as user 'www' (it's a CGI).
It needs root privilege to write a particular file.
What's the best way of doing this while remaining secure?

Right now I do os.system("sudo myutil parms") and pass the parms to it.
I remove : < > & | from the parm string before passing it.
Is there a way to do this without making a system call?


With your approach you have to be aware that users on the system will probably
be able to view the parameters your are passing to myutil. Whether this is a
problem depends on your particular setup.

One alternative would be to make nobody, apache, etc. (which ever your apache
server runs under) the group owners of the file and give the apache group
write permissions to the file. This may not be feasible for your setup.

--
----------------------------------------------------------------------------
Suchandra Thapa
s-********@NOSPAMalumni.uchicago.edu
----------------------------------------------------------------------------
Jul 18 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
setuid in a php prog
by: Ben Eisenberg | last post by:
I'm trying to run a php script setuid. I've tried POSIX_setuid but you have to be root to run this. The files are located on a public access unix...
PHP
4
after, after_cancel and Python 2.3
by: Edward K. Ream | last post by:
Previous to Python 2.3 my app has destroyed the root Tk window using root.destroy rather than the more usual root.quit. In Python 2.3 this does not...
Python
2
Installing Python 2.3.3 on RH 7.3
by: Rien Kok | last post by:
Hi, I have a strange problem. I want to install Plone (Plone2-2.0.0rh-2.i386.rpm) Because Plone 2.0 needs Python 2.3.3, I installed Python 2.3.3...
Python
2
Python multithreading problem
by: abhinav | last post by:
//A CRAWLER IMPLEMENTATION please run this prog. on the shell and under the control of debugger when this prog. is run normally the prog. does not...
Python
24
Idiom for running compiled python scripts?
by: Mark | last post by:
Hi, I'm new to python and looking for a better idiom to use for the manner I have been organising my python scripts. I've googled all over the...
Python
9
Off Topic: What is the good book to learn Python ?
by: Katie Tam | last post by:
I am new to this filed and begin to learn this langague. Can you tell me the good books to start with ? Katie Tam Network administrator...
Python
3
Python version changes, sys.executable does not
by: Jeffrey Froman | last post by:
Hello All, I have two python versions installed, one in /usr/bin, and one in /usr/local/bin. However, when invoking python without a full path,...
Python
0
Python refuses to import SVN
by: Tomas | last post by:
Dear group. I have some big problems getting python to work with svn. Python SVN and SWIG is compiled from source. I have been testing Python...
Python
2
Re: The best way to package a Python module?
by: Jean-Paul Calderone | last post by:
On Mon, 16 Jun 2008 08:39:52 +1000, Ben Finney <bignose+hates-spam@benfinney.id.auwrote: Maybe. I'm no expert on Debian packaging. However, ...
Python
5
Using Python To Launch Python
by: aha | last post by:
Hello All, I have a situation where I can count on a Python installation being available on a system, but I can't count on it being a version of...
Python
0
Basic concepts of WebLogic Admin training?
by: Naresh1 | last post by:
What is WebLogic Admin Training? WebLogic Admin Training is a specialized program designed to equip individuals with the skills and knowledge...
Oracle Database
0
jalbright99669
https redirect with reverse proxy
by: jalbright99669 | last post by:
Am having a bit of a time with URL Rewrite. I need to incorporate http to https redirect with a reverse proxy. I have the URL Rewrite rules made...
IIS / Internet Information Server
0
Hyperconverged All-in-One Streaming Engine, ushering in new age for distributed database
by: antdb | last post by:
Ⅰ. Advantage of AntDB: hyper-convergence + streaming processing engine In the overall architecture, a new "hyper-convergence" concept was...
General
0
How to layout php header location with a variable as the location?
by: Matthew3360 | last post by:
Hi there. I have been struggling to find out how to use a variable as my location in my header redirect function. Here is my code. ...
PHP
2
How to use http requests (Get function) to get variable value?
by: Matthew3360 | last post by:
Hi, I have a python app that i want to be able to get variables from a php page on my webserver. My python app is on my computer. How would I make it...
Python
0
How do I view Redshift db tables in Alteryx
by: Arjunsri | last post by:
I have a Redshift database that I need to use as an import data source. I have configured the DSN connection using the server, port, database, and...
General
0
hi
by: WisdomUfot | last post by:
It's an interesting question you've got about how Gmail hides the HTTP referrer when a link in an email is clicked. While I don't have the specific...
General
0
PHP Curl Not wanting to connect to localhost.
by: Matthew3360 | last post by:
Hi, I have been trying to connect to a local host using php curl. But I am finding it hard to do this. I am doing the curl get request from my web...
PHP
0
BLUEPANDA
Join our open community on Discord to learn programming, SEO, and marketing
by: BLUEPANDA | last post by:
At BluePanda Dev, we're passionate about building high-quality software and sharing our knowledge with the community. That's why we've created a SaaS...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2023
About Bytes
Advertise
Terms Of Use
Privacy Policy

Sitemap

Follow us! Get the Latest Bytes Updates