[Twisted-Python] t.i.process uid/gid suckiness
Anthony Baxter
anthony at interlink.com.au
Tue Mar 11 07:17:55 MST 2003
>>> Tommi Virtanen wrote
> 0) make the t.i.process setuid/setgid code actually work (see
> patch; BTW is the initgroups part really needed? I feel my
> pure-python 6-liner does the same thing.)
> + def initgroups(username, dummy):
> + l=[]
> + for groupname, password, gid, userlist in grp.getgrall():
> + if username in userlist:
> + l.append(gid)
> + os.setgroups(l)
Certainly on the operating systems that I can recall, your initgroups()
is doing the same thing as the C level initgroups. But if the C level
one is available, it seems more prudent to use it if it's there - gods
only know what some weirdo systems do (shuddering to recall some of
DEC's "enhanced security" cruft in Ultrix and OSF/1...)
--
Anthony Baxter <anthony at interlink.com.au>
It's never too late to have a happy childhood.
More information about the Twisted-Python
mailing list