On 11/26/2014 09:48 AM, Chris Angelico wrote:
On Thu, Nov 27, 2014 at 2:36 AM, Tim Daneliuk <tun...@tundraware.com> wrote:
The more I think about this, the more I think I am just going to look for
the
string 'sudo' anywhere in the argument. This merely will force the user to
enter their sudo password if detected. If it turns out to be a false
positive,
no harm will be done and the password will just go unused.
That sounds reasonable; imperfect, but reasonable. But what happens if
the password "goes unused"? Will it be provided on stdin to the
program? That could be VERY bad in two ways (revealing the password,
and breaking the program's expectations).
ChrisA
Nope. Password only exist in memory locally.
If you want to see the whole program in action as it currently exists:
http://www.tundraware.com/Software/tsshbatch
I do a lot of work in very large data centers where I need to execute a
bunch of commands across, say, a thousand servers. tsshbatch has solved
the problem neatly for some years. I'm just trying to knock some of
the rough edges off it :)
P.S. There are other such programs like 'capistrano' that are spiritually quite
similar. I wrote tsshbatch before I found out about the others, which
are all written in other lanugages (like Ruby). So, not only did
this serve to solve my problem, it also taught me paramiko :)
--
----------------------------------------------------------------------------
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
--
https://mail.python.org/mailman/listinfo/python-list
