New submission from Travis H. <travis+w-python....@subspacefield.org>:
It should be easier to write network servers and setuid programs in python. One of the troublesome issues is that the semantics of the setuid/getuid-related calls are quite complicated. There are two papers on this subject that form the background of this feature request: http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf http://www.cs.berkeley.edu/~daw/papers/setuid-login08b.pdf In general, then, the end goal is a safe (portable, secure) way to drop privileges either temporarily or permanently. Wagner et. al. have proposed a decent interface, but it's unclear to me where it should be implemented. Furthermore, it makes use of the getresuid/setresuid calls (among many others), which don't appear from their manpages to be standardized by POSIX, but are available in most modern Unix OSes. So this leaves me with two questions; have these functions been standardized, and if not, where should they be implemented? I'm willing to do the coding, but need some guidance on where to put the code. ---------- messages: 91835 nosy: solinym severity: normal status: open title: implement new setuid-related calls and a standard way to drop all privileges type: feature request versions: Python 2.7, Python 3.2 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue6758> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
