> I note that there is a getuid/geteuid routine in posixmodule, but no
> corresponding setuid. I would like to have a inet server daemon
> written in python, but I need to setuid to the connecting users id.
>
> Adding setuid to posixmodule is easy enough, but the fact that it was
> left out suggests to me that maybe the security problems of doing so
> are greater than I would guess. Is there any problems with running
> python scripts SETUID root ( assuming of course that the scripts them
> self are installed without write access ). /usr/bin/python doesn't
> need to be SETUID as well as the python script, does it ? ( THAT
> *WOULD* be a problem! )
I don't know why setuid and seteuid were left out. It may have been
an oversight.
As to your wanting to run a setuid python script, I strongly advice
against that. Having setuid scripts is inherently insecure. The
insecurity has nothing to do with the interpreter. It doesn't help
making the scripts and all directories leading to it unwritable.
Of course, that doesn't mean that there may not be a need for setuid
and seteuid. It is very well possible to run python scripts as root
and wanting to become a user. I don't see any security reason not to
do that, as long as the script is written properly.
Sjoerd Mullender
CWI, dept. CST, Kruislaan 413, 1098 SJ Amsterdam, Netherlands
email: Sjoerd.Mullender@cwi.nl fax: +31 20 592 4199
phone: +31 20 592 4127 telex: 12571 mactr nl