rishi pathak wrote at 2008-4-8 18:03 +0530:
>             I dont have a need to run all the external method as root, only
>some of them.

I did understand this *BUT* you do not have a choice.

  While a single ExternalMethod runs as "root", the complete
  Zope process runs as root -- and this applies to all
  requests which are run in parallel with your ExternalMethod.

Please reread my former message.

If you have touble to understand the terms "thread" and/or "process",
consult Wikipedia to get some insight.

> ...
>On Tue, Apr 8, 2008 at 12:50 AM, Dieter Maurer <[EMAIL PROTECTED]> wrote:
>> rishi pathak wrote at 2008-4-7 17:46 +0530:
>> >There is a requirement for running some external methods as super user.
>> >For this I thought of adding a new parameter.If set the code would be
>> >executed with effective uid of root.
>> This is extremely dangerous.
>> To run code as super user, you need to change the effective user id.
>> Changing the effective user id affects the whole process -- not just
>> the thread executing your external method.
>> These things are very difficult to handle in a multi threaded environment,
>> in general.
>> Moreover, running internet driven code uncontrolled as super user
>> is likely to be a big security risk.
>> Let your application write some command to a queue and process
>> the queue asynchronously. The processing can be performed as
>> super user.
>> If this is not possible, let your application communicate
>> with another process which runs as super user -- and pass on
>> synchronous commands from your application to this process.
>> In both cases, it is ensured that only the restricted command
>> set can be used to run something as super user -- and
>> not some arbitrary code....

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to