[maemo-developers] Handling files in root privileged directory from an application
From: Chris Saturn Chris_Saturn at hotmail.comDate: Sun Oct 3 13:31:52 EEST 2010
- Previous message: Good email framework library
- Next message: Handling files in root privileged directory from an application
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi all,
I would like to ask your insight a way to handle securely files that need to
arrive in root privileged directory from a user application written in
python.
In my specific case, the user application will create a file and copy it to
/etc/events.d which will be executed on the next boot.
At the moment, I'm making use of the rootsh package feature and the (very
ugly but functional) call to copy the user created/modified file back like
this:
os.system('echo "cp %s %s"|root' % (Path + ConfigFile, MainPath + MainFile))
My questions basically are:
1. Is there a way that I could avoid the use of the rootsh? (Maybe setuid or
something?)
2. Could I add the rootsh package in the dependencies of my package?
3. Is it a security hole if I give 'rw' privileges to the user for this file
in /etc/events.d?
Thanks for any thoughts,
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.maemo.org/pipermail/maemo-developers/attachments/20101003/212cff63/attachment.htm>
- Previous message: Good email framework library
- Next message: Handling files in root privileged directory from an application
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]