Re: [Zope] ExternalMethod - add new parameter

2008-04-11 Thread Chris Withers

rishi pathak wrote:

> We have a portal using which users use our compute resources.
> In zope we use NIS authentication for validating a user. We
> have many things that requires root/logged in user privileges. One example
> is of a 'file system explorer'. In this I have used ZFSpath product. This
> explorer is used by users to navigate through their home areas and select
> whatever file they want. As of now I have changed some functions of ZFSpath
> class which I was using so that they can be executed as the logged in
> user (since zope does not have rwx permissions on other user's
> directory). This is just one case. Hope I have cleared myself well.


You are playing a mind numbingly dangerous game.

Good luck to you, but I hope people on this list refrain from further 
helping you point that large cannon at your left toe...


Chris

--
Simplistix - Content Management, Zope & Python Consulting
   - http://www.simplistix.co.uk
___
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope-dev )


Re: [Zope] ExternalMethod - add new parameter

2008-04-11 Thread rishi pathak
hi again,
Let me clarify what I am doing and what is my approach till now.
We have a portal using which users use our compute resources.
In zope we use NIS authentication for validating a user. We
have many things that requires root/logged in user privileges. One example
is of a 'file system explorer'. In this I have used ZFSpath product. This
explorer is used by users to navigate through their home areas and select
whatever file they want. As of now I have changed some functions of ZFSpath
class which I was using so that they can be executed as the logged in
user (since zope does not have rwx permissions on other user's
directory). This is just one case. Hope I have cleared myself well.

On Wed, Apr 9, 2008 at 11:44 PM, Dieter Maurer <[EMAIL PROTECTED]> wrote:

> rishi pathak wrote at 2008-4-8 18:03 +0530:
> > I don't have a need to run all the external method as root, only
> > some of them.
>
> I did understand this *BUT* you do not have a choice.
>
>  While a single ExternalMethod runs as "root", the complete
>  Zope process runs as root -- and this applies to all
>  requests which are run in parallel with your ExternalMethod.
>
> Please reread my former message.
>
> If you have trouble to understand the terms "thread" and/or "process",
> consult Wikipedia to get some insight.
>
> > ...
> >On Tue, Apr 8, 2008 at 12:50 AM, Dieter Maurer <[EMAIL PROTECTED]> wrote:
> >
> >> rishi pathak wrote at 2008-4-7 17:46 +0530:
> >> >There is a requirement for running some external methods as super user.
> >> >For this I thought of adding a new parameter. If set the code would be
> >> >executed with effective uid of root.
> >>
> >> This is extremely dangerous.
> >>
> >> To run code as super user, you need to change the effective user id.
> >> Changing the effective user id affects the whole process -- not just
> >> the thread executing your external method.
> >> These things are very difficult to handle in a multi threaded environment,
> >> in general.
> >> Moreover, running internet driven code uncontrolled as super user
> >> is likely to be a big security risk.
> >>
> >>
> >> Let your application write some command to a queue and process
> >> the queue asynchronously. The processing can be performed as
> >> super user.
> >>
> >> If this is not possible, let your application communicate
> >> with another process which runs as super user -- and pass on
> >> synchronous commands from your application to this process.
> >>
> >> In both cases, it is ensured that only the restricted command
> >> set can be used to run something as super user -- and
> >> not some arbitrary code
>
>
>
> --
> Dieter
>



-- 
Regards--
Rishi Pathak


Re: [Zope] ExternalMethod - add new parameter

2008-04-09 Thread Dieter Maurer
rishi pathak wrote at 2008-4-8 18:03 +0530:
> I don't have a need to run all the external method as root, only
> some of them.

I did understand this *BUT* you do not have a choice.

  While a single ExternalMethod runs as "root", the complete
  Zope process runs as root -- and this applies to all
  requests which are run in parallel with your ExternalMethod.

Please reread my former message.

If you have trouble to understand the terms "thread" and/or "process",
consult Wikipedia to get some insight.

> ...
>On Tue, Apr 8, 2008 at 12:50 AM, Dieter Maurer <[EMAIL PROTECTED]> wrote:
>
>> rishi pathak wrote at 2008-4-7 17:46 +0530:
>> >There is a requirement for running some external methods as super user.
>> >For this I thought of adding a new parameter. If set the code would be
>> >executed with effective uid of root.
>>
>> This is extremely dangerous.
>>
>> To run code as super user, you need to change the effective user id.
>> Changing the effective user id affects the whole process -- not just
>> the thread executing your external method.
>> These things are very difficult to handle in a multi threaded environment,
>> in general.
>> Moreover, running internet driven code uncontrolled as super user
>> is likely to be a big security risk.
>>
>>
>> Let your application write some command to a queue and process
>> the queue asynchronously. The processing can be performed as
>> super user.
>>
>> If this is not possible, let your application communicate
>> with another process which runs as super user -- and pass on
>> synchronous commands from your application to this process.
>>
>> In both cases, it is ensured that only the restricted command
>> set can be used to run something as super user -- and
>> not some arbitrary code



-- 
Dieter


Re: [Zope] ExternalMethod - add new parameter

2008-04-09 Thread Thomas Bennett
If you would elaborate a little, like what you really want to do,  you might 
get responses directing you toward a quicker solution.  That aside, if you 
want to execute a command line application as root from your External Method 
look at Paramiko as mentioned in my response to the previous External Method 
question.  Paramiko is a python library that allows you to use ssh or sftp.  

Thomas


On Monday 07 April 2008 08:16, rishi pathak wrote:
> There is a requirement for running some external methods as super user.
> For this I thought of adding a new parameter. If set the code would be
> executed with effective uid of root.
> Can some one point to the code section where zope loads the ExternalMethod
> codes for execution.

-- 

Thomas McMillan Grant Bennett   Appalachian State University
Operations & Systems Analyst    P O Box 32026
University Library              Boone, North Carolina 28608
(828) 262 6587

"... using OpenOffice.org, and save them back to disk automatically,
in MS Word format.  They surf the Web, check e-mail, do instant 
messaging, view YouTube videos, visit their Facebook pages, learn 
touch-typing skills and lots more.  Our public library has been 
offering these Linux public stations for the past three years."
 - Phil Shapiro Linux Journal January 2008

Library Systems Help Desk: https://www.library.appstate.edu/help/



Re: [Zope] ExternalMethod - add new parameter

2008-04-08 Thread Dieter Maurer
rishi pathak wrote at 2008-4-8 18:03 +0530:
> I don't have a need to run all the external method as root, only
>some of them. For this what I was thinking was to introduce a new control
>apart from the regular ones.

Apparently, my previous message has not been clear enough.

Let's try again:

  The effect of changing the effective user (e.g. to "root")
  is not restricted to
  a single thread but affects all threads in the current process.

  If you do this in one of your ExternalMethod's, all Zope requests
  start to be executed with root as effective user -- even those
  not executing your ExternalMethod.

  If at the end of your ExternalMethod, you switch back to
  the former user, the complete Zope process switches back -- even
  (other) requests that are currently executing an ExternalMethod
  that should run as root -- and which is likely to fail therefore.


I hope the description should show you that this is the wrong
approach. Please read my previous message (and other messages in this
thread) to learn about alternatives.



-- 
Dieter


Re: [Zope] ExternalMethod - add new parameter

2008-04-08 Thread Martijn Jacobs

Hi Rishi.
> Can you tell me where should I look in the source(Code segment where
> external methods are loaded and executed)

External methods are not just 'called' or 'loaded', they are executed in 
a zope thread which belongs to the zope user. Changing the effective user 
would be a complex and risky task to do and is probably not needed for 
your project.


Can you explain what you're trying to do in those External methods? 
Maybe we can help you to find a more elegant, simple solution.



Martijn.

--
Martijn Jacobs
Four Digits, Internet Solutions

a: Willemsplein 15-1 6811 KB Arnhem NL 
kvk: 09162137 | btw: 8161.22.234.B01

e-mail: [EMAIL PROTECTED] | web: http://www.fourdigits.nl
tel: +31 (0)26 44 22 700 | fax: +31 (0)84 22 06 117 




Re: [Zope] ExternalMethod - add new parameter

2008-04-08 Thread JPenny
Zope itself should not be running as root.  The external method will run as
whatever user zope is running as.

If you insist on doing this kind of thing, which is a pretty bad idea, then
use os.system(...) or one of the popen(...) commands to call another program
that you have permitted root access by a somewhat controlled process,
such as sudo.  At least then, you will have a log of changes (unless you make
a security mistake and the log can itself be altered).

jim penny 




Chris Withers <[EMAIL PROTECTED]> 
Sent by: [EMAIL PROTECTED]
04/08/2008 09:52 AM

To
rishi pathak <[EMAIL PROTECTED]>
cc
Dieter Maurer <[EMAIL PROTECTED]>, zope@zope.org
Subject
Re: [Zope] ExternalMethod - add new parameter






rishi pathak wrote:
> I don't have a need to run all the external method as root, only
> some of them.

You seem to be carefully ignoring the fact that Dieter is pointing out 
that this isn't possible ;-)

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk


Re: [Zope] ExternalMethod - add new parameter

2008-04-08 Thread Chris Withers

rishi pathak wrote:

> I don't have a need to run all the external method as root, only
> some of them.


You seem to be carefully ignoring the fact that Dieter is pointing out 
that this isn't possible ;-)


Chris

--
Simplistix - Content Management, Zope & Python Consulting
   - http://www.simplistix.co.uk


Re: [Zope] ExternalMethod - add new parameter

2008-04-08 Thread rishi pathak
Hi Dieter,
I don't have a need to run all the external method as root, only
some of them. For this what I was thinking was to introduce a new control
apart from the regular ones, viz.
id, title, Module Name and Function Name, by name of 'Run as root', it
would probably be a checkbox. Then at the point when external method code is
executed I would check for the said control and if checked would get it
executed as root.
Can you tell me where should I look in the source (Code segment where
external methods are loaded and executed)

On Tue, Apr 8, 2008 at 12:50 AM, Dieter Maurer <[EMAIL PROTECTED]> wrote:

> rishi pathak wrote at 2008-4-7 17:46 +0530:
> >There is a requirement for running some external methods as super user.
> >For this I thought of adding a new parameter. If set the code would be
> >executed with effective uid of root.
>
> This is extremely dangerous.
>
> To run code as super user, you need to change the effective user id.
> Changing the effective user id affects the whole process -- not just
> the thread executing your external method.
> These things are very difficult to handle in a multi threaded environment,
> in general.
> Moreover, running internet driven code uncontrolled as super user
> is likely to be a big security risk.
>
>
> Let your application write some command to a queue and process
> the queue asynchronously. The processing can be performed as
> super user.
>
> If this is not possible, let your application communicate
> with another process which runs as super user -- and pass on
> synchronous commands from your application to this process.
>
> In both cases, it is ensured that only the restricted command
> set can be used to run something as super user -- and
> not some arbitrary code
>
>
>
> --
> Dieter
>



-- 
Regards--
Rishi Pathak
National PARAM Supercomputing Facility
Center for Development of Advanced Computing(C-DAC)
Pune University Campus,Ganesh Khind Road
Pune-Maharastra


Re: [Zope] ExternalMethod - add new parameter

2008-04-07 Thread Dieter Maurer
rishi pathak wrote at 2008-4-7 17:46 +0530:
>There is a requirement for running some external methods as super user.
>For this I thought of adding a new parameter. If set the code would be
>executed with effective uid of root.

This is extremely dangerous.

To run code as super user, you need to change the effective user id.
Changing the effective user id affects the whole process -- not just
the thread executing your external method.
These things are very difficult to handle in a multi threaded environment,
in general.
Moreover, running internet driven code uncontrolled as super user
is likely to be a big security risk.


Let your application write some command to a queue and process
the queue asynchronously. The processing can be performed as
super user.

If this is not possible, let your application communicate
with another process which runs as super user -- and pass on
synchronous commands from your application to this process.

In both cases, it is ensured that only the restricted command
set can be used to run something as super user -- and
not some arbitrary code



-- 
Dieter
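
The restricted command set described in the message above, as an added example (not part of the original thread, and not Zope code): the privileged helper accepts only named operations and only paths that resolve inside the requesting user's home. The JSON request shape, the operation names, `handle_request` and the `homes` mapping are assumptions made for illustration; the demo uses constructed temporary directories so it runs without root.

```python
import json
import os
import tempfile

# Hypothetical allowlist: the only operations the privileged helper accepts.
ALLOWED_OPS = {"list_dir", "stat_file"}

def resolve_in_home(home, rel_path):
    """Return the real path of rel_path if it stays inside home, else None."""
    home_real = os.path.realpath(home)
    target = os.path.realpath(os.path.join(home_real, rel_path))
    if os.path.commonpath([home_real, target]) != home_real:
        return None  # "../" or a symlink led outside the home directory
    return target

def handle_request(raw, homes):
    """Validate one JSON request from the web tier, then run or refuse it.
    `homes` maps login name -> home directory (an assumption of this example)."""
    try:
        req = json.loads(raw)
        op, user, rel = req["op"], req["user"], req["path"]
    except (ValueError, KeyError, TypeError):
        return {"ok": False, "error": "malformed request"}
    if not all(isinstance(v, str) for v in (op, user, rel)) or "\0" in rel:
        return {"ok": False, "error": "malformed request"}
    if op not in ALLOWED_OPS:
        return {"ok": False, "error": "operation not allowed"}
    if user not in homes:
        return {"ok": False, "error": "unknown user"}
    target = resolve_in_home(homes[user], rel)
    if target is None:
        return {"ok": False, "error": "path escapes home directory"}
    try:
        if op == "list_dir":
            return {"ok": True, "entries": sorted(os.listdir(target))}
        return {"ok": True, "size": os.stat(target).st_size}
    except OSError as exc:
        return {"ok": False, "error": exc.strerror}

def demo():
    """Run constructed requests against throwaway home directories."""
    with tempfile.TemporaryDirectory() as root:
        homes = {u: os.path.join(root, u) for u in ("alice", "bob")}
        for home in homes.values():
            os.mkdir(home)
        with open(os.path.join(homes["alice"], "job.out"), "wb") as fh:
            fh.write(b"done\n")
        requests = [
            '{"op": "list_dir", "user": "alice", "path": "."}',
            '{"op": "list_dir", "user": "alice", "path": "../bob"}',
            '{"op": "run_shell", "user": "alice", "path": "."}',
            '{"op": "stat_file", "user": "alice", "path": "job.out"}',
        ]
        return [handle_request(r, homes) for r in requests]
```

The web process only ever builds the JSON request; it never changes its own effective uid, so other request threads are unaffected.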


Re: [Zope] ExternalMethod - add new parameter

2008-04-07 Thread Martijn Jacobs

rishi pathak wrote:

> There is a requirement for running some external methods as super user.
> For this I thought of adding a new parameter. If set the code would be
> executed with effective uid of root.
> Can some one point to the code section where zope loads the
> ExternalMethod codes for execution.

External methods are not executed as shell scripts as you might think. 
They are called by the zope process and therefore running as the 
'effective-user' which is configured in etc/zope.conf. Security wise 
it's also not recommended to do so anyway.


I'd suggest you create a cron job for the root user which does the 
things you want (you could do that in python as well).




Martijn.

--
Martijn Jacobs
Four Digits, Internet Solutions

a: Willemsplein 15-1 6811 KB Arnhem NL 
kvk: 09162137 | btw: 8161.22.234.B01

e-mail: [EMAIL PROTECTED] | web: http://www.fourdigits.nl
tel: +31 (0)26 44 22 700 | fax: +31 (0)84 22 06 117 




[Zope] ExternalMethod - add new parameter

2008-04-07 Thread rishi pathak
There is a requirement for running some external methods as super user.
For this I thought of adding a new parameter. If set the code would be
executed with effective uid of root.
Can someone point to the code section where zope loads the ExternalMethod
codes for execution.


-- 
Regards--
Rishi Pathak