Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #70234

Python, Linux, and the setuid bit

Path csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed2a.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path <ethan@stoneleaf.us>
X-Original-To python-list@python.org
Delivered-To python-list@mail.python.org
X-Spam-Status OK 0.000
X-Spam-Evidence '*H*': 1.00; '*S*': 0.00; 'scripts': 0.03; 'skip:[ 20': 0.04; 'argument': 0.05; 'subject:Python': 0.06; 'remaining': 0.07; 'bytes.': 0.09; 'from:addr:ethan': 0.09; 'from:addr:stoneleaf.us': 0.09; 'from:name:ethan furman': 0.09; 'message-id:@stoneleaf.us': 0.09; 'wrapper': 0.09; '~ethan~': 0.09; 'python': 0.11; '"could': 0.16; '(unsigned': 0.16; 'continue;': 0.16; 'expects': 0.16; 'int)': 0.16; 'prefix,': 0.16; 'size)': 0.16; 'subject:bit': 0.16; 'size,': 0.16; 'variable': 0.18; 'bit': 0.19; 'header:User-Agent:1': 0.23; 'char': 0.24; 'convenient': 0.24; 'integer': 0.24; 'pointer': 0.24; 'environment': 0.24; 'compiled': 0.26; 'function': 0.29; 'on,': 0.29; '[1]': 0.29; '[2]': 0.30; 'skip:( 20': 0.30; 'code': 0.31; 'question:': 0.31; 'void': 0.31; 'anyone': 0.31; 'thanks!': 0.32; 'run': 0.32; 'url:python': 0.33; 'subject:the': 0.34; 'possible.': 0.35; 'but': 0.35; 'there': 0.35; 'really': 0.36; 'url:org': 0.36; 'step': 0.37; 'to:addr:python-list': 0.38; 'to:addr:python.org': 0.39; 'skip:- 60': 0.39; 'received:173': 0.61; 'skip:* 10': 0.61; '8bit%:10': 0.64; 'different': 0.65; 'needing': 0.65; 'charset:windows-1252': 0.65; 'skip:\x91 10': 0.84; 'warnings.': 0.84; 'cast': 0.91; 'have.': 0.93
Date Mon, 14 Apr 2014 14:13:49 -0700
From Ethan Furman <ethan@stoneleaf.us>
User-Agent Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121010 Thunderbird/16.0.1
MIME-Version 1.0
To Python <python-list@python.org>
Subject Python, Linux, and the setuid bit
Content-Type text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding 8bit
X-AntiAbuse This header was added to track abuse, please include it with any abuse report
X-AntiAbuse Primary Hostname - gator3304.hostgator.com
X-AntiAbuse Original Domain - python.org
X-AntiAbuse Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse Sender Address Domain - stoneleaf.us
X-BWhitelist no
X-Source-IP 173.12.184.233
X-Exim-ID 1WZoCz-0002dn-GO
X-Source
X-Source-Args
X-Source-Dir
X-Source-Sender ([173.12.184.233]) [173.12.184.233]:34349
X-Source-Auth ethan+stoneleaf.us
X-Email-Count 1
X-Source-Cap dG9idWs7dG9idWs7Z2F0b3IzMzA0Lmhvc3RnYXRvci5jb20=
X-BeenThere python-list@python.org
X-Mailman-Version 2.1.15
Precedence list
List-Id General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive <http://mail.python.org/pipermail/python-list/>
List-Post <mailto:python-list@python.org>
List-Help <mailto:python-list-request@python.org?subject=help>
List-Subscribe <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups comp.lang.python
Message-ID <mailman.9260.1397511440.18130.python-list@python.org> (permalink)
Lines 76
NNTP-Posting-Host 2001:888:2000:d::a6
X-Trace 1397511440 news.xs4all.nl 2867 [2001:888:2000:d::a6]:59167
X-Complaints-To abuse@xs4all.nl
Xref csiph.com comp.lang.python:70234

Show key headers only | View raw

For anyone in the unenviable position of needing [1] to run Python scripts with the setuid bit on, there is an 
suid-python wrapper [2] that makes this possible.

When I compiled it I was given a couple warnings.  Can any one shed light on what they mean?

==================================================================
suid-python.c: In function ‘malloc_abort’:
suid-python.c:119:17: warning: format ‘%d’ expects argument of type ‘int’, but argument 3 has type ‘size_t’ [-Wformat]
suid-python.c: In function ‘remove_env_prefix’:
suid-python.c:200:32: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
suid-python.c:201:32: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
==================================================================

and the code segments in question:

==================================================================
void *
malloc_abort(size_t size)
{
     void *buf;

     buf = malloc(size);
     if (!buf)
     {
         fprintf(stderr, "Could not allocate %d bytes.  errno=%d\n",
                 size, errno);
         exit(1);
     }

     return buf;
}
------------------------------------------------------------------
int
remove_env_prefix(char **envp, char *prefix)
{
     char **envp_read;
     char **envp_write;
     int prefix_len = strlen(prefix);
     int removed_count = 0;

     envp_write = envp;
     for (envp_read = envp; *envp_read; envp_read++)
     {
         if (!strncmp(*envp_read, prefix, prefix_len))
         {
             /* Step past the environment variable that we don't want. */
             removed_count++;
             continue;
         }

         if (envp_read != envp_write)
         {
             *envp_write = *envp_read;
         }

         envp_write++;
     }

     /* Set the remaining slots to NULL. */
     if (envp_write < envp_read)
     {
         memset(envp_write, 0, ((unsigned int) envp_read -
                                (unsigned int) envp_write));
     }

     return removed_count;
}
==================================================================

Thanks!

--
~Ethan~

[1] Need, or really really really convenient to have. ;)
[2] http://selliott.org/python/

Back to comp.lang.python | Previous | NextNext in thread | Find similar | Unroll thread

Thread

Python, Linux, and the setuid bit Ethan Furman <ethan@stoneleaf.us> - 2014-04-14 14:13 -0700
  Re: Python, Linux, and the setuid bit John Gordon <gordon@panix.com> - 2014-04-14 21:55 +0000
    Re: Python, Linux, and the setuid bit Grant Edwards <invalid@invalid.invalid> - 2014-04-14 22:04 +0000
      Re: Python, Linux, and the setuid bit Grant Edwards <invalid@invalid.invalid> - 2014-04-14 22:07 +0000
  Re: Python, Linux, and the setuid bit Richard Kettlewell <rjk@greenend.org.uk> - 2014-04-15 09:00 +0100
    Re: Python, Linux, and the setuid bit Chris Angelico <rosuav@gmail.com> - 2014-04-15 18:15 +1000
      Re: Python, Linux, and the setuid bit Richard Kettlewell <rjk@greenend.org.uk> - 2014-04-15 10:28 +0100
        Re: Python, Linux, and the setuid bit Chris Angelico <rosuav@gmail.com> - 2014-04-15 19:35 +1000
    Re: Python, Linux, and the setuid bit Chris Angelico <rosuav@gmail.com> - 2014-04-15 18:18 +1000

csiph-web