Apols for being a nuisance. I'm normally if anything a web programmer. It looks like there are set-id functions in the os module. Further I don't actually need root privileges, just write access to a directory that a user ordinarily does not have write access to (and preferably not read). So a call to os.setegid(egid) with a group created for the program's use alone would do this then. (Unless this is bad technique security wise otherwise, as a uid 0 seteuid call would be considered; but surely what I am thinking of doing is not a security risk.)
> I have almost no experiences with Perl, but I really doubt, that the general > problem would be solved with it. > Quoting from the article linked to by Steven D'Aprano: "If you are new to secure programming, I recommend either sudo or a Perl script. SUID Perl scripts have built-in protection to prevent programmers from making the mistakes addressed in this article." Perl has something called 'tainted mode' built in, which for example will prevent what it judges as untrustworthy data being appended to the end of the passwd file. -- http://mail.python.org/mailman/listinfo/python-list
