Message91835
It should be easier to write network servers and setuid programs in
python. One of the troublesome issues is that the semantics of the
setuid/getuid-related calls are quite complicated.
There are two papers on this subject that form the background of this
feature request:
http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf
http://www.cs.berkeley.edu/~daw/papers/setuid-login08b.pdf
In general, then, the end goal is a safe (portable, secure) way to drop
privileges either temporarily or permanently.
Wagner et. al. have proposed a decent interface, but it's unclear to me
where it should be implemented.
Furthermore, it makes use of the getresuid/setresuid calls (among many
others), which don't appear from their manpages to be standardized by
POSIX, but are available in most modern Unix OSes. So this leaves me
with two questions; have these functions been standardized, and if not,
where should they be implemented?
I'm willing to do the coding, but need some guidance on where to put the
code. |
|
Date |
User |
Action |
Args |
2009-08-21 18:49:37 | solinym | set | recipients:
+ solinym |
2009-08-21 18:49:37 | solinym | set | messageid: <1250880577.62.0.941118593261.issue6758@psf.upfronthosting.co.za> |
2009-08-21 18:49:36 | solinym | link | issue6758 messages |
2009-08-21 18:49:35 | solinym | create | |
|