[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [flashproxy/master] Add fac.drop_privs function.
commit 80387d661788de565b4c1e40613897d0f59021c3
Author: David Fifield <david@xxxxxxxxxxxxxxx>
Date: Sat Jun 1 20:49:16 2013 -0700
Add fac.drop_privs function.
---
facilitator/fac.py | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/facilitator/fac.py b/facilitator/fac.py
index d43a522..70d482d 100644
--- a/facilitator/fac.py
+++ b/facilitator/fac.py
@@ -4,6 +4,7 @@ import re
import socket
import stat
import subprocess
+import pwd
# Return true iff the given fd is readable, writable, and executable only by its
# owner.
@@ -11,6 +12,23 @@ def check_perms(fd):
mode = os.fstat(fd)[0]
return (mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0
+# Drop privileges by switching ID to that of the given user.
+# http://stackoverflow.com/questions/2699907/dropping-root-permissions-in-python/2699996#2699996
+# https://www.securecoding.cert.org/confluence/display/seccode/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges
+# https://www.securecoding.cert.org/confluence/display/seccode/POS37-C.+Ensure+that+privilege+relinquishment+is+successful
+def drop_privs(username):
+ uid = pwd.getpwnam(username).pw_uid
+ gid = pwd.getpwnam(username).pw_gid
+ os.setgroups([])
+ os.setgid(gid)
+ os.setuid(uid)
+ try:
+ os.setuid(0)
+ except OSError:
+ pass
+ else:
+ raise AssertionError("setuid(0) succeeded after attempting to drop privileges")
+
# A decorator to ignore "broken pipe" errors.
def catch_epipe(fn):
def ret(self, *args):
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits