Serge Orlov wrote:
> Florian Lindner wrote:
>> Paul Rubin wrote:
>>
>>> - sort of similar: have a separate process running that knows the
>>> password (administrator enters it at startup time). That process
>>> listens on a unix socket and checks the ID of the client. It reveals
>>> the password to authorized clients, i.e. your readable script running
>>> under sudo. This keeps the password from ever being stored on disk.
>>>
>>> - Modify the script itself to run as a long-running service instead
>>> of as something that gets started and restarted all the time. Have
>>> an admin start it and type the password into it at startup time.
>>> Users then connect to it (maybe with a web browser) and send it
>>> commands.
>>>
>>> - Move the user operations from the script to server side database
>>> procedures that do their own validity checking. Then you don't need
>>> a password.
>>
>> I'll evaluate the 3 ideas above further.
>
> I'm surprised there are no building blocks for a sudo replacement
> in the UNIX world, at least I googled and couldn't find them.
> Basically you need to split your script into two parts: privileged
> server and user client. They can talk xml-rpc over a unix socket.

Can I find out the identity of the client (PID/UID) when using a unix socket?

> If you need performance you can also open another socket
> for sending huge binary objects.
>
> With regards to clear text password and admin, you can only
> obfuscate or make it hard to obtain the password. It's just to
> keep honest admins honest. Same story on windows, btw.
>
> Serge.

Florian
--
http://mail.python.org/mailman/listinfo/python-list
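The privileged-server / user-client split Serge describes, and Florian's question about learning the client's PID/UID, as an added example that is not part of the thread: on Linux the kernel reports the connecting process's credentials through the SO_PEERCRED socket option, so the server can authorize by UID without trusting anything the client puts in its request. The server, client, allow-list and command names below are constructed for the demo; it assumes Linux (SO_PEERCRED is Linux-specific; other Unixes use getpeereid or LOCAL_PEERCRED).

```python
import os
import socket
import struct
import tempfile
import threading

# struct ucred on Linux: pid_t pid; uid_t uid; gid_t gid (three native ints)
UCRED_FMT = "3i"


def peer_credentials(conn):
    """Return (pid, uid, gid) of the process at the other end of a
    connected AF_UNIX socket, as reported by the kernel via SO_PEERCRED.

    The kernel fills this in at connect() time, so a client cannot forge
    it the way it could forge a UID sent inside an XML-RPC request body.
    """
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize(UCRED_FMT))
    return struct.unpack(UCRED_FMT, raw)


def handle_request(conn, allowed_uids):
    """Privileged side: read one command, authorize by peer UID, reply."""
    pid, uid, gid = peer_credentials(conn)
    command = conn.recv(4096).decode("utf-8", "replace").strip()
    if uid in allowed_uids:
        # A real server dispatches a small fixed set of commands here and
        # performs the privileged work itself; the secret never leaves it.
        reply = f"OK uid={uid} pid={pid} command={command!r}"
    else:
        reply = f"DENIED uid={uid} pid={pid} command={command!r}"
    conn.sendall(reply.encode("utf-8"))
    return reply


def run_exchange(allowed_uids, command="status"):
    """Listen on a private unix socket, connect one client from a thread in
    this same process (so the demo is self-contained), and return the reply
    the client received."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "privsock")  # constructed demo path
        server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        server.bind(path)
        # Filesystem permissions on the socket are only a coarse first
        # filter; SO_PEERCRED is the check that identifies the caller.
        os.chmod(path, 0o660)
        server.listen(1)
        result = {}

        def client():
            with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as cli:
                cli.connect(path)
                cli.sendall(command.encode("utf-8"))
                result["reply"] = cli.recv(4096).decode("utf-8")

        worker = threading.Thread(target=client)
        worker.start()
        conn, _ = server.accept()
        with conn:
            handle_request(conn, allowed_uids)
        worker.join()
        server.close()
        return result["reply"]


def demo():
    """Two exchanges: the current user on the allow-list, then nobody."""
    allowed = run_exchange({os.getuid()}, "list-jobs")
    denied = run_exchange(set(), "list-jobs")
    return allowed, denied


def current_ids():
    """(pid, uid, gid) of this process, for comparing against SO_PEERCRED."""
    return (os.getpid(), os.getuid(), os.getgid())


def socketpair_credentials():
    """SO_PEERCRED also works on socketpair(): the kernel reports the
    creating process, which lets the decoding be checked without a listener."""
    a, b = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    with a, b:
        return peer_credentials(b)


if __name__ == "__main__":
    print(demo())
```

The allow-list is the whole authorization policy: the server decides from the kernel-supplied UID, never from the command text, and the client only ever gets the result of a privileged operation, not the password itself.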