473,320 Members | 1,839 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Using pexpect with 'sudo'

I'm having a problem using pexpect with 'sudo' on Ubuntu 6.06 (Dapper).
Here's the program:

#!/usr/bin/env python
import pexpect
import sys

child = pexpect.spawn("sudo apt-get update")
child.logfile = sys.stdout

try:
i = child.expect(["Password:", pexpect.EOF, pexpect.TIMEOUT])

if i == 0:
print "****************************** sending password"
child.sendline("XXX") # Not my real sudo password
elif i == 1:
print "EOF"

elif i == 2:
print "TIMEOUT"

except Exception:
print "Exception"

The strange thing is that this script runs with no problems (downloads
the repository updates), even though it should fail. It never prints
the "****************************** sending password" line, and even if
it did write the password to the process, it isn't the correct
password. I've done this after a 'sudo -k' to clear the sudo password,
and if I run 'sudo apt-get update' from the command line manually, it
asks for the password every time.

I I change the spawn to:

child = pexpect.spawn("sudo -u <my user name hereapt-get update")

it fails with:

E: Could not open lock file /var/lib/apt/lists/lock - open (13
Permission denied)
E: Unable to lock the list directory

which is expected.

If I'm not going crazy, this seems like a security hole that allows a
user to run any system command without a superuser password.

Any ideas?

Thanks,

Don

Oct 17 '06 #1
0 2109

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Steve Horsley | last post by:
I am trying to automate changing of a password for a particular user account (for use by scripts, not people). I am trying to use the command "passwd testuser" as root. Of course I can do this by...
0
by: Krutibas Biswal | last post by:
Hi, I am using a script 'unbuffer' for unbuffering my outputs when using pipes. This script is based on expect and looks like this : ----------------------------------------------...
5
by: funkyj | last post by:
I love pexpect because it means I may never have to use expect again (I don't do any heavy expect lifting -- I just need simple tty control)! As a python advocate I find it embarassing how...
20
by: valpa | last post by:
I'm a net admin for about 20 unix servers, and I need to frequently telnet on to them and configure them. It is a tiring job to open a xterm and telnet, username, password to each server. Can I...
5
by: half.italian | last post by:
Hi all. I try not to post until I am stuck in hole with no way out. I fought with this for several hours, and am currently in the hole. I'm doing a proof of concept for creating afp shares...
7
by: Adrian Casey | last post by:
I have a multi-threaded python application which uses pexpect to connect to multiple systems concurrently. Each thread within my application is a connection to a remote system. The problem is...
5
by: crybaby | last post by:
I need to ssh into a remote machine and check if mytest.log file is there. I have setup ssh keys to handle login authentications. How do I determine if mytest.log is there by using Pexpect. What...
0
vinoj
by: vinoj | last post by:
Hi All, These are the following things which i want to do:- 1. I will be taking the ipaddress, username and password from the user using cgi ffrom the browser. 2. Now i want...
2
by: yellowblueyellow | last post by:
Hey , I need to SSH into a server .. (10.8.42.38) using pexpect the username is 'admin' and password is 'abc123' so far i have the following code import pexpect import sys import time...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.