Drop Privileges - Python Snipplr Social Repository

Revision: 5627

at March 20, 2008 11:18 by kangell

Updated Code

# Get the UID the application was started with
# which must have been 'root' if you want this process
# to have 'root' like abilities.
privUID = os.geteuid()
# Get the UID that the application should use for
# most of its processing, 'nobody' is usually
# a good choice.
normalUID = pwd.getpwnam( 'nobody' )[2]

def runAsNormal():
	"""Switch this process to normal privileges, we shouldn't be able to 
do anything naughty in this mode."""
	os.seteuid( normalUID )
def runAsPrivileged():
	"""Switch to super user privileges, here we can do anything we want."""
	os.seteuid( privUID )

# Once program has initialized, drop privileges
runAsNormal()

# ... some normal application code...

# Do do something that requires super user privileges 
try:
	runAsPrivileged()
	# ... do the stuff we need to be super for
finally:
	# Switch out of super mode and back to normal
	runAsNormal()

Revision: 5626

at March 20, 2008 11:11 by kangell

Initial Code

privUID = os.geteuid()
normalUID = pwd.getpwnam( 'nobody' )[2]

def runAsNormal():
	os.seteuid( normalUID )
def runAsPriv():
	os.seteuid( privUID )

Initial URL

Initial Description

Initial Title

Drop Privileges

Initial Tags

unix, user

Initial Language

Python

Choose a language for easy browsing: