On Tue, Nov 03, 2009 at 12:36:53PM +0000, Tobias Mueller wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Aloha, > > On 30.07.2009 13:42, Olav Vitters wrote: > > Could someone write a setuid wrapper for me? > > > I finally had time to do it.
Thanks! Really appreciated. Still haven't worked more on Mango, but now I have something to implement :-) > The should be pretty secure. I can't think of any vulnerabilities. > > called it > That is saved in saved_uid which is retrieved through getresuid(). > > > Could someone write above for me, securely? > > > Well, I'm not using system() since it'd inherit the environment, which > contains at least the IFS, PATH or PYTHONPATH environment variable. This > can be a problem. So using exec() family, one can define the > environment. So you might want to adapt this since you'll need a > PYTHONPATH, I guess. Shouldn't need PYTHONPATH. But would need another environment variable, so appreciate that I can easily set it. -- Regards, Olav _______________________________________________ gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
