Impersonate another user temporarily (Unix and Windows)

Hi there. I'm writing a modification for an FTP server library I'm
maintaining.
Depending on the system I'd want to temporarily impersonate the logged
user to perform actions on filesystem.
Something like:

    try:
        change_user('user', 'password')
        os.rmdir('dir')
    except:
        print("some error")
    finally:
        change_user('old_user', 'password')

On Unix I took a look at os.seteuid() and os.setegid() functions and
I noticed they could be useful for my purpose.
On Windows I have no idea about how I could emulate a similar
behaviour.
Could someone please point me in the right direction?
Thanks in advance

Aug 22 '07 #1
billiejoex wrote:
> Hi there. I'm writing a modification for an FTP server library I'm
> maintaining.
> Depending on the system I'd want to temporarily impersonate the logged
> user to perform actions on filesystem.
> Something like:
>
>     try:
>         change_user('user', 'password')
>         os.rmdir('dir')
>     except:
>         print("some error")
>     finally:
>         change_user('old_user', 'password')
>
> On Unix I took a look at os.seteuid() and os.setegid() functions and
> I noticed they could be useful for my purpose.
> On Windows I have no idea about how I could emulate a similar
> behaviour.
> Could someone please point me in the right direction?

(Warning: not tried, but at least gives you the things to Google for!)

You need the win32security module from the pywin32 extensions. [1]
In particular, you want to look at the LogonUser and
ImpersonateLoggedOnUser functions.

TJG

[1] http://pywin32.sf.net
Aug 23 '07 #2
On 23 Aug, 10:38, Tim Golden <m...@timgolden.me.uk> wrote:
> (Warning: not tried, but at least gives you the things to Google for!)
>
> You need the win32security module from the pywin32 extensions. [1]
> In particular, you want to look at the LogonUser and
> ImpersonateLoggedOnUser functions.
>
> TJG
>
> [1] http://pywin32.sf.net

Thanks for the suggestion.
I made it.

Aug 23 '07 #3
On 8/23/07, billiejoex <gn****@gmail.com> wrote:
> Thanks for the suggestion.
> I made it.

Note that running your process as a user with enough privileges to
impersonate another user pretty much eliminates all the benefits of
running as a low-privileged user in the first place. Consider
re-thinking your application model and having an "ftp" user instead.
Aug 23 '07 #4
On 23 Aug, 13:13, "Chris Mellon" <arka...@gmail.com> wrote:
> Note that running your process as a user with enough privileges to
> impersonate another user pretty much eliminates all the benefits of
> running as a low-privileged user in the first place. Consider
> re-thinking your application model and having an "ftp" user instead.

Could you be more precise?
Why is it not a good idea?
I was thinking of starting ftpd as limited user ('nobody'/'ftp' on
unix, 'Guest' on Windows), then temporarily switching to another user
when I got to perform actions on file system.
Maybe you're saying that as limited user I can't do such switching?

Aug 23 '07 #5
billiejoex wrote:
> On 23 Aug, 13:13, "Chris Mellon" <arka...@gmail.com> wrote:
> [...]
> > Note that running your process as a user with enough privileges to
> > impersonate another user pretty much eliminates all the benefits of
> > running as a low-privileged user in the first place. Consider
> > re-thinking your application model and having an "ftp" user instead.
>
> Could you be more precise?
> Why is it not a good idea?
> I was thinking of starting ftpd as limited user ('nobody'/'ftp' on
> unix, 'Guest' on Windows), then temporarily switching to another user
> when I got to perform actions on file system.
> Maybe you're saying that as limited user I can't do such switching?

That's exactly what he's saying.

regards
Steve
--
Steve Holden +1 571 484 6266 +1 800 494 3119
Holden Web LLC/Ltd http://www.holdenweb.com
Skype: holdenweb http://del.icio.us/steve.holden
--------------- Asciimercial ------------------
Get on the web: Blog, lens and tag the Internet
Many services currently offer free registration
----------- Thank You for Reading -------------

Aug 23 '07 #6
On 23 Aug, 23:20, Steve Holden <st...@holdenweb.com> wrote:
> That's exactly what he's saying.
>
> regards
> Steve

Uhm... I'm confused.
Which kind of approach is generally adopted in such cases?

Aug 23 '07 #7
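
The Unix side of what the thread discusses (os.seteuid()/os.setegid()), as an added example that is not code from any poster or from the FTP library: a context manager standing in for the hypothetical change_user(), plus a check that shows the limitation raised in post #4. The names impersonate, rmdir_as and can_impersonate are assumptions made for this example; it assumes a Unix host and does not cover the Windows LogonUser route.

```python
import os
from contextlib import contextmanager


@contextmanager
def impersonate(uid, gid, groups=None):
    """Temporarily run with another user's effective uid/gid (Unix only).

    Only the *effective* ids change; the real and saved ids stay those of
    the server, which is what allows switching back afterwards.
    """
    old_euid, old_egid = os.geteuid(), os.getegid()
    old_groups = os.getgroups()
    if groups is not None:
        os.setgroups(groups)       # supplementary groups; requires root
    try:
        os.setegid(gid)            # group first, while we still may change it
        os.seteuid(uid)
        yield
    finally:
        os.seteuid(old_euid)       # regain the original euid first ...
        os.setegid(old_egid)       # ... so the remaining calls are permitted
        if groups is not None:
            os.setgroups(old_groups)


def rmdir_as(uid, gid, path, groups=None):
    """The thread's example: remove a directory with the user's rights."""
    with impersonate(uid, gid, groups):
        os.rmdir(path)


def can_impersonate(uid, gid):
    """Return True if this process is allowed to switch to uid/gid.

    An unprivileged server ('nobody', 'ftp') gets PermissionError here for
    any account but its own, which is the objection raised in the thread.
    """
    try:
        with impersonate(uid, gid):
            return True
    except PermissionError:
        return False
```

The switch applies to the whole process, not just the calling thread, and code running inside the block can call os.seteuid() to return to the server's own uid, so the block bounds what the file operation may touch rather than what compromised code may do.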
