[Zope] Running an External Method as another user
Martijn Pieters
mj@antraciet.nl
Tue, 17 Aug 1999 01:47:32 +0200
At 21:45 16-8-99 , Timothy Grant wrote:
>Hi folk!
>
>I've been messing around with providing some simple network
>administration tools via Zope, to the people in my office.
>
>One thing I would like to do is create a page that will allow my users
>to change both their "normal" Linux password (used by most people in my
>office for mail only) and their Samba password (used by almost everybody
>in the office for connectivity to our server). It's quite easy to train
>these people how to change one or the other of the passwords, but
>getting them to change both at the same time has been a problem. Hence,
>my desire to write a Zope app that will--given their existing password,
>and a new password--update both the passwd file and the smbpasswd file.
>
>I didn't think very far ahead, and while I have some nice tools that use
>Expect to change the password, I haven't figured out how to run an
>External Method as someone other than nobody.
>
>Any suggestions?
Ouch, I don't think many will have experience in this. Besides, this could be
very platform dependant, and security is certainly going to roar its ugly
head..
I don't think you can easily run any External Method under a different user
than the rest of Zope. What you could do, is run a different process under the
user that does have the desired access, and somehow communicate with that
process, be it with pipes, sockets or file based queues, but you will have to
very carefull indeed that no other process but Zope has access to that
comminucation channel.
--
Martijn Pieters, Web Developer
| Antraciet http://www.antraciet.nl
| T: +31 35 7502100 F: +31 35 7502111
| mj@antraciet.nl http://www.antraciet.nl/~mj
| PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149
---------------------------------------------