[Twisted-Python] t.i.process uid/gid suckiness

Anthony Baxter anthony at interlink.com.au
Tue Mar 11 09:17:55 EST 2003


>>> Tommi Virtanen wrote
> 	0) make the t.i.process setuid/setgid code actually work (see
> 	   patch; BTW is the initgroups part really needed? I feel my
> 	   pure-python 6-liner does the same thing.)

> +        def initgroups(username, dummy):
> +            l=[]
> +            for groupname, password, gid, userlist in grp.getgrall():
> +                if username in userlist:
> +                    l.append(gid)
> +            os.setgroups(l)

Certainly on the operating systems that I can recall, your initgroups()
is doing the same thing as the C level initgroups. But if the C level
one is available, it seems more prudent to use it if it's there - gods
only know what some weirdo systems do (shuddering to recall some of 
DEC's "enhanced security" cruft in Ultrix and OSF/1...)

-- 
Anthony Baxter     <anthony at interlink.com.au>   
It's never too late to have a happy childhood.




More information about the Twisted-Python mailing list