Regaining lost privileges
Is there anyway to regain 'root' privs from inside a zope product? Using the -u flag to start causes the privs to be permanently gone because z2.py uses setuid + setgid (and python doesn't seem to define sete[ug]id, at least not on my system). Other than running zope as root permanently (which I really would like to avoid), does anyone have any quick ideas on how to achieve this? I saw people asking about building 'admin' systems using Zope, this isn't going to be trivially possible without super user privs. -- Totally Holistic Enterprises Internet| P:+61 7 3870 0066 | Andrew Milton The Internet (Aust) Pty Ltd | F:+61 7 3870 4477 | ACN: 082 081 472 ABN: 83 082 081 472 | M:+61 416 022 411 | Carpe Daemon PO Box 837 Indooroopilly QLD 4068 |akm@theinternet.com.au|
Hi Andrew! On Fri, 01 Sep 2000, you wrote ...
I saw people asking about building 'admin' systems using Zope, this isn't going to be trivially possible without super user privs.
That people was me. Having looked into things a little further (but not actually started the admin tool yet due to "day job" pressures) I've decided to go the route (root?!) of using something like 'sudo' or 'runas' which allow you to provide a selection of suid scripts and specify which users are allowed to run them (zope, in my case, I suppose). I'm still considering the relative merits of using a sort of 'quarantine' file/database where zope will dump requests to do things and a cron job will poll it periodically to grab things out again and execute them. As I wrote that, I realise dthat it would be interesting to see if that file couldn't be made a ZODB storage so I could transfer structured information 'tween Zope and a python admin backend; perhaps make it a mountable storage from the zope point of view? This would have the added advantage of a little mild 'security through obscurity' for the file format for casual hackers who may get near to it one day ... -- Nigel Head Houbits Hi-Tech Servers nhead@houbits.com
+-------[ Nigel Head ]---------------------- | Hi Andrew! | | On Fri, 01 Sep 2000, you wrote | ... | > I saw people asking about building 'admin' systems using Zope, this isn't | > going to be trivially possible without super user privs. | | That people was me. Having looked into things a little further (but not | actually started the admin tool yet due to "day job" pressures) I've decided | to go the route (root?!) of using something like 'sudo' or 'runas' which | allow you to provide a selection of suid scripts and specify which users are | allowed to run them (zope, in my case, I suppose). | | I'm still considering the relative merits of using a sort of 'quarantine' | file/database where zope will dump requests to do things and a cron job will | poll it periodically to grab things out again and execute them. | | As I wrote that, I realise dthat it would be interesting to see if that file | couldn't be made a ZODB storage so I could transfer | structured information 'tween Zope and a python admin backend; perhaps make it | a mountable storage from the zope point of view? This would have the added | advantage of a little mild 'security through obscurity' for the file format for | casual hackers who may get near to it one day ... You are intrinsically reducing the platforms your software will run on as soon as you start trying to use external programs. If you only care about Linux, then that's all well and good. If you have a transaction database for polling, you may as well run another Zope as root, that only listens on the loopback device, and post the transactions into the root zope across SSL. At least that way you can share code. At least if you stick with the python API, you can cover most of the platforms that python covers. -- Totally Holistic Enterprises Internet| P:+61 7 3870 0066 | Andrew Milton The Internet (Aust) Pty Ltd | F:+61 7 3870 4477 | ACN: 082 081 472 ABN: 83 082 081 472 | M:+61 416 022 411 | Carpe Daemon PO Box 837 Indooroopilly QLD 4068 |akm@theinternet.com.au|
On Mon, 04 Sep 2000, you wrote:
You are intrinsically reducing the platforms your software will run on as soon as you start trying to use external programs. If you only care about Linux, then that's all well and good.
True! I'd like to find some method which is a little more portable, or at least external programs that run on multiple Unix versions. I guess, possibly unadvisedly, that any platform where Zope is running wouldn't be an impossible target for some of the other tools too. Except of course the various windows versions - but then the Admin tasks are completely different anyway, as is the security policy and mechanism. On the other hand the very nature of an admin tool means that its functions are likely to be system specific to some degree ...
If you have a transaction database for polling, you may as well run another Zope as root, that only listens on the loopback device, and post the transactions into the root zope across SSL. At least that way you can share code.
Hhhm. But is all the 'baggage' of a full Zope needed in this context? I can also share the python methods which would almost certainly have to do the bulk of the work in a Zope anyway. -- Nigel Head Houbits Hi-Tech Servers nhead@houbits.com
participants (2)
-
Andrew Kenneth Milton -
Nigel Head