In message <[EMAIL PROTECTED]>, Piet van Oostrum wrote:
> Lawrence D'Oliveiro <[EMAIL PROTECTED]> (LD) wrote:
> In message <[EMAIL PROTECTED]>, Piet van Oostrum wrote:
>
>> The scenario is as follows: Suppose the script starts with the line:
>> #!/usr/bin/python
>>
>> (using #!/usr/bin/env pytho
> Lawrence D'Oliveiro <[EMAIL PROTECTED]> (LD) wrote:
>LD> No it wouldn't. This security hole was fixed years ago.
How?
--
Piet van Oostrum <[EMAIL PROTECTED]>
URL: http://www.cs.uu.nl/~piet [PGP 8DAE142BE17999C4]
Private email: [EMAIL PROTECTED]
--
http://mail.python.org/mailman/listinfo/p
In message <[EMAIL PROTECTED]>, Piet van Oostrum wrote:
> The scenario is as follows: Suppose the script starts with the line:
> #!/usr/bin/python
>
> (using #!/usr/bin/env python would be disastrous because the user could
> supply his own `python interpreter' in his PATH.)
>
> Now a malicious u
> Sebastian 'lunar' Wiesner <[EMAIL PROTECTED]> (SW) wrote:
>SW> I don't see a problem with SUID on scripts. If you restrict write access
>SW> to the owner, modification is hardly possible.
>SW> However, if you allow world-wide write access to your binaries and
>SW> scripts, both can easily b
I find that I can often live with a 0-60 sec. pause. and set command in
a queue like
then have a cron that runs once a min as the user you need to run this
on
that looks at the queue and sees if there are any pending
I often use a sql database for this
--
http://mail.python.org/mailman/listinfo
[ Ivan Voras <[EMAIL PROTECTED]> ]
> Sebastian 'lunar' Wiesner wrote:
>> Carsten Haese <[EMAIL PROTECTED]> typed
>
>>> I don't think that that has anything to do with Linux or not. The
>>> script is not the actual executable, hence its suid bit is
>>> irrelevant.
>>
>> I don't think so. From wha
Sebastian 'lunar' Wiesner wrote:
> Carsten Haese <[EMAIL PROTECTED]> typed
>> I don't think that that has anything to do with Linux or not. The
>> script is not the actual executable, hence its suid bit is irrelevant.
>
> I don't think so. From what I know, the script is passed as executable
> to
Piet van Oostrum <[EMAIL PROTECTED]> typed
>> Sebastian 'lunar' Wiesner <[EMAIL PROTECTED]> (SW) wrote:
>
>>SW> Linux seems to ignore SUID bit on scripts:
>
> The reason is that obeying SUID bits on scripts would be a security
> risk.
I don't see a problem with SUID on scripts. If you restr
"Ramdas" <[EMAIL PROTECTED]> wrote:
>
>I need to add users from a web interface for a web server, which runs
>only Python. I need to add users, set quotas and in future even look at
>managing ip tables to limit bandwidth.
>
>I know os.system(), but this has to be done through a form entry
>through
> Sebastian 'lunar' Wiesner <[EMAIL PROTECTED]> (SW) wrote:
>SW> Linux seems to ignore SUID bit on scripts:
The reason is that obeying SUID bits on scripts would be a security risk.
--
Piet van Oostrum <[EMAIL PROTECTED]>
URL: http://www.cs.uu.nl/~piet [PGP 8DAE142BE17999C4]
Private email: [
> >
> > How about invoking scripts with SUID root set?
>
> Linux seems to ignore SUID bit on scripts:
Yes. My bad. The work around was to use native launchers. I don't
remember the details. Perhaps with the interpreter embedded to launch
it in-process and to hard code the script paths (or at least
Carsten Haese <[EMAIL PROTECTED]> typed
> On Tue, 2007-01-02 at 17:17 +0100, Sebastian 'lunar' Wiesner wrote:
>> Ravi Teja <[EMAIL PROTECTED]> typed
>>
>> >
>> > Ivan Voras wrote:
>> >> Ramdas wrote:
>> >> > Well,
>> >> >
>> >> > I need to add users from a web interface for a web server, which
>
On Tue, 2007-01-02 at 17:17 +0100, Sebastian 'lunar' Wiesner wrote:
> Ravi Teja <[EMAIL PROTECTED]> typed
>
> >
> > Ivan Voras wrote:
> >> Ramdas wrote:
> >> > Well,
> >> >
> >> > I need to add users from a web interface for a web server, which
> >> > runs only Python. I need to add users, set qu
Ravi Teja <[EMAIL PROTECTED]> typed
>
> Ivan Voras wrote:
>> Ramdas wrote:
>> > Well,
>> >
>> > I need to add users from a web interface for a web server, which
>> > runs only Python. I need to add users, set quotas and in future
>> > even look at managing ip tables to limit bandwidth.
>> >
>> >
Ivan Voras wrote:
> Ramdas wrote:
>> Well,
>>
>> I need to add users from a web interface for a web server, which runs
>> only Python. I need to add users, set quotas and in future even look at
>> managing ip tables to limit bandwidth.
>>
>> I know os.system(), but this has to be done through a for
Ivan Voras wrote:
> Ramdas wrote:
> > Well,
> >
> > I need to add users from a web interface for a web server, which runs
> > only Python. I need to add users, set quotas and in future even look at
> > managing ip tables to limit bandwidth.
> >
> > I know os.system(), but this has to be done throu
Ramdas wrote:
> Well,
>
> I need to add users from a web interface for a web server, which runs
> only Python. I need to add users, set quotas and in future even look at
> managing ip tables to limit bandwidth.
>
> I know os.system(), but this has to be done through a form entry
> through a web i
ng
> requirement or something on top.
>
> -h
>
> On 01/01/07, Daniel Klein <[EMAIL PROTECTED]> wrote:
> > On 1 Jan 2007 11:33:42 -0800, "Ramdas" <[EMAIL PROTECTED]> wrote:
> >
> > >How do I add users using Python scripts on a Linux machine?
>
ECTED]> wrote:
> On 1 Jan 2007 11:33:42 -0800, "Ramdas" <[EMAIL PROTECTED]> wrote:
>
> >How do I add users using Python scripts on a Linux machine?
> >
> >Someone has a script?
>
> This should be as easy as something like:
>
> os.system(&quo
On 1 Jan 2007 11:33:42 -0800, "Ramdas" <[EMAIL PROTECTED]> wrote:
>How do I add users using Python scripts on a Linux machine?
>
>Someone has a script?
This should be as easy as something like:
os.system("/usr/sbin/useradd -m -d /home/newuser -s /bin/ksh&quo
How do I add users using Python scripts on a Linux machine?
Someone has a script?
--
http://mail.python.org/mailman/listinfo/python-list
21 matches
Mail list logo
