Patrick McLean added the comment:
I have updated the pull request to include 'group' and 'extra_groups' as
separate parameters.
--
___
Python tracker
<https://bugs.python.org/issue36
Patrick McLean added the comment:
> Thanks for your explanation. In case of a privileged process, the behavior of
> setreuid/setregid/setgroups does seem well-defined. But setuid/setgid change
> all ids (real, effective, saved) too in this case. Do you prefer
> setreuid/setr
Patrick McLean added the comment:
Alexey, here are my responses to your points:
1) This is intentional, this is for dropping privileges before running some
(possibly untrusted) command, we do not want to leave a path for the subprocess
to gain root back. If there is a subprocess that needs
Change by Patrick McLean :
--
keywords: +patch
pull_requests: +11974
stage: -> patch review
___
Python tracker
<https://bugs.python.org/issue36046>
___
___
Py
New submission from Patrick McLean :
Currently when using python to automate system administration tasks, it is
useful to drop privileges sometimes. Currently the only way to do this is via a
preexec_fn, which has well-documented problems. It would be useful to be able
to pass a user
