On 23 Ago, 13:13, "Chris Mellon" <[EMAIL PROTECTED]> wrote: > On 8/23/07, billiejoex <[EMAIL PROTECTED]> wrote: > > > > > > > On 23 Ago, 10:38, Tim Golden <[EMAIL PROTECTED]> wrote: > > > billiejoex wrote: > > > > Hi there. I'm writing a modification for a FTP server library I'm > > > > maintaining. > > > > Depending on the system I'd want to temporarily impersonate the logged > > > > user to perform actions on filesystem. > > > > Something like: > > > > > try: > > > > change_user('user', 'password') > > > > os.rmdir('dir') > > > > except: > > > > print "some error" > > > > finally: > > > > change_user('old_user', 'password') > > > > > On Unix I took at look at os.seteuid() and os.setegid() functions and > > > > I noticed they could be useful for my purpose. > > > > On Windows I have no idea about how could I emulate a similar > > > > behaviour. > > > > Could someone please point me in the right direction? > > > > (Warning: not tried, but at least gives you the things to Google for!) > > > > You need the win32security module from the pywin32 extensions. [1] > > > In particular, you want to look at the LogonUser and > > > ImpersonateLoggedOnUser functions. > > > > TJG > > > > [1]http://pywin32.sf.net-Nascondi testo tra virgolette - > > > > - Mostra testo tra virgolette - > > > Thanks for suggestion. > > I made it. > > Note that running your process as a user with enough priviledges to > impersonate another user pretty much eliminates all the benefits of > running as a low-priviledged user in the first place. Consider > re-thinking your application model and having an "ftp" user instead.- > Nascondi testo tra virgolette - > > - Mostra testo tra virgolette -
Could you be more precise? Why it's not a good idea? I was thinking of starting ftpd as limited user ('nobody'/'ftp' on unix, 'Guest' on Windows), then temporary switching to another user when I got to perform actions on file system. Maybe you're saying that as limited user I can't do such switching? -- http://mail.python.org/mailman/listinfo/python-list