Re: Secure scripts variables
Florian Lindner [EMAIL PROTECTED] writes: AFAIK scripts can't be setuid? Can you tell me what you mean and how to do it? Actually it looks like Linux doesn't support setuid scripts. I thought the feature had been restored. There is a well-known security hole but there are workarounds for it and some of the BSD-derived Unixes implement those. And there is a special hack for Perl that uses an accessory setuid C program to run setuid Perl scripts--maybe something like it could be written for Python. Anyway, the simple workaround is to write a simple C wrapper that invokes the Python interpreter on your script. Make sure to use a complete path to specify where your script is. From the perlsec documentation: #define REAL_PATH /path/to/script main(ac, av) char **av; { execv(REAL_PATH, av); } Compile this wrapper into a binary executable and then make it rather than your script setuid or setgid. http://supportweb.cs.bham.ac.uk/documentation/perl5/pod/perlsec.html You have to be very careful writing these scripts since there are all kinds of errors you can make. Perl's taint checking feature helps catch a lot of those and it would be good if Python had something similar. -- http://mail.python.org/mailman/listinfo/python-list
Re: Secure scripts variables
Florian Lindner [EMAIL PROTECTED] writes: I have a script which is readable and executable by a user, but not writable. The users executes the scripts, it reads in a value and based on this value it computes a result and stores it in a variable. Can the user read out the value of this variable? If yes, can he be prevented to do so? I don't really understand the question. The user could, for example, run the Python interpreter under a debugger, and examine its internal state step by step during execution. What you really want is a setuid script. That can do what you want, but you have to write them very carefully. -- http://mail.python.org/mailman/listinfo/python-list
Re: Secure scripts variables
Paul Rubin wrote: Florian Lindner [EMAIL PROTECTED] writes: I have a script which is readable and executable by a user, but not writable. The users executes the scripts, it reads in a value and based on this value it computes a result and stores it in a variable. Can the user read out the value of this variable? If yes, can he be prevented to do so? I don't really understand the question. The user could, for example, run the Python interpreter under a debugger, and examine its internal state step by step during execution. What you really want is a setuid script. That can do what you want, but you have to write them very carefully. AFAIK scripts can't be setuid? Can you tell me what you mean and how to do it? Florian -- http://mail.python.org/mailman/listinfo/python-list
Secure scripts variables
Hello, given the following situation: I have a script which is readable and executable by a user, but not writable. The users executes the scripts, it reads in a value and based on this value it computes a result and stores it in a variable. Can the user read out the value of this variable? If yes, can he be prevented to do so? (It's a ordinary user on a Linux system with access to the python interpreter.) (Of course: He could just copy the script to a file he has write access and modify it to print the result. It's a theoretical situation.) Thanks, Florian -- http://mail.python.org/mailman/listinfo/python-list
Re: Secure scripts variables
Florian Lindner wrote: Hello, given the following situation: I have a script which is readable and executable by a user, but not writable. The users executes the scripts, it reads in a value and based on this value it computes a result and stores it in a variable. Can the user read out the value of this variable? Yes. If yes, can he be prevented to do so? Only if the sensitive part of your script runs under different user. See thread about storing passwords in a script: http://groups-beta.google.com/group/comp.lang.python/browse_frm/thread/91e4c114c5114e92 (It's a ordinary user on a Linux system with access to the python interpreter.) If there is a will, there is a way :) I used to run a persistant server on Solaris as ordinary user. The trick is to create an entry in crontab that will periodically (every 10 minutes) check if your server is running, if not, start it up. Note however, after that it's not a good idea to keep sensitive files in your home directory (like your tax forms or browsing history), because if you make an error in your server and it will be hacked, then you risk exposing all your files. Serge. -- http://mail.python.org/mailman/listinfo/python-list