Hi all! I'm interested in developing a cross platform module that will allow a simple 'ping' functionality, i mean sending icmp type 8 code 0 and receiving appropriate answers. This sound like a simple work, but i ask for your help with architectural decision.
I can implement icmp communications using raw sockets (possibly, as an extension coded in C), or i can use subproccess module, ask system ping executable to do the work, and just parse it's output. There are problems with both solutions. First one will require root (or equivalent) privileges for the interpreter to work. This is unavoidable, we can just make the program suid, but sometimes (as to my mind, always) it is not an option. Security matters, i can't allow each and every untested application to run with root privileges. Besides, this will require the user to actually have root access to make program suid. I'm unsure about the way something similar to suid can be done on windows, too. Second one just plain looks ugly to me. I don't like the approach at all. But, this would avoid all security troubles with suid, because if the user can run ping, we can too. And this also mean sysadmin actually allowed the user to run ping. On the other hand, this will limit us to icmp types that concrete system's ping executable can work with. This means that on some systems we can use only type 8/ type 0 (i would like to use few others too). If i just needed a tool for specific environment, i would have easily chosen. But i'm going to create a module that everyone and everywhere could use. >From this point of view, calling system ping looks better. Can you please help me choose the correct way to handle this problem? Maybe, there are some other possibilities, witch i haven't taken into account? Is someone here interested in this functionality, anyway? Sorry for my poor English. -- http://mail.python.org/mailman/listinfo/python-list
