Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #70241

Re:Python, Linux, and the setuid bit

Path csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!weretis.net!feeder4.news.weretis.net!rt.uk.eu.org!newsfeed.xs4all.nl!newsfeed4a.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail
Return-Path <python-python-list@m.gmane.org>
X-Original-To python-list@python.org
Delivered-To python-list@mail.python.org
X-Spam-Status OK 0.000
X-Spam-Evidence '*H*': 1.00; '*S*': 0.00; 'scripts': 0.03; 'skip:[ 20': 0.04; 'argument': 0.05; 'subject:Python': 0.06; 'must.': 0.07; 'remaining': 0.07; 'bytes.': 0.09; 'comment,': 0.09; 'mem': 0.09; 'pointers': 0.09; 'received:80.91': 0.09; 'received:80.91.229': 0.09; 'received:gmane.org': 0.09; 'received:list': 0.09; 'wrapper': 0.09; 'python': 0.11; 'wrote': 0.14; '"could': 0.16; "'size'": 0.16; '(unsigned': 0.16; '8bit%:32': 0.16; 'choice,': 0.16; 'continue;': 0.16; 'declared': 0.16; 'expects': 0.16; 'incorrect': 0.16; 'int)': 0.16; 'pointers.': 0.16; 'prefix,': 0.16; 'received:80.91.229.3': 0.16; 'received:plane.gmane.org': 0.16; 'size)': 0.16; 'subject:bit': 0.16; 'subtract': 0.16; '(you': 0.16; 'size,': 0.16; 'ignore': 0.16; 'fix': 0.17; 'variable': 0.18; 'bit': 0.19; 'char': 0.24; 'integer': 0.24; 'pointer': 0.24; 'environment': 0.24; 'compiled': 0.26; 'first,': 0.26; 'second': 0.26; 'header:X-Complaints-To:1': 0.27; 'function': 0.29; 'correct': 0.29; 'on,': 0.29; "we'd": 0.29; '[1]': 0.29; '[2]': 0.30; 'skip:( 20': 0.30; 'code': 0.31; 'int,': 0.31; 'question:': 0.31; 'void': 0.31; 'anyone': 0.31; 'run': 0.32; 'third': 0.33; 'subject:the': 0.34; 'possible.': 0.35; 'done.': 0.35; 'but': 0.35; 'there': 0.35; 'really': 0.36; 'should': 0.36; 'two': 0.37; 'step': 0.37; 'to:addr:python-list': 0.38; 'rather': 0.38; 'to:addr:python.org': 0.39; 'skip:- 60': 0.39; 'received:org': 0.40; 'skip:* 10': 0.61; 'different': 0.65; 'needing': 0.65; 'ethan': 0.84; 'furman': 0.84; 'skip:\xef 10': 0.84; 'warning.': 0.84; 'warnings.': 0.84; 'subject::': 0.85; 'cast': 0.91
X-Injected-Via-Gmane http://gmane.org/
To python-list@python.org
From Dave Angel <davea@davea.name>
Subject Re:Python, Linux, and the setuid bit
Date Mon, 14 Apr 2014 21:33:51 -0400 (EDT)
Organization news.gmane.org
References <534C4F8D.6090005@stoneleaf.us>
Mime-Version 1.0
Content-Type text/plain; charset=UTF-8
Content-Transfer-Encoding 8bit
X-Gmane-NNTP-Posting-Host dpc6744193078.direcpc.com
X-Newsreader PiaoHong.NewsGroup.Client.VIP:1.52
X-BeenThere python-list@python.org
X-Mailman-Version 2.1.15
Precedence list
List-Id General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive <http://mail.python.org/pipermail/python-list/>
List-Post <mailto:python-list@python.org>
List-Help <mailto:python-list-request@python.org?subject=help>
List-Subscribe <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups comp.lang.python
Message-ID <mailman.9263.1397525297.18130.python-list@python.org> (permalink)
Lines 91
NNTP-Posting-Host 2001:888:2000:d::a6
X-Trace 1397525297 news.xs4all.nl 2863 [2001:888:2000:d::a6]:46009
X-Complaints-To abuse@xs4all.nl
Xref csiph.com comp.lang.python:70241

Show key headers only | View raw

Ethan Furman <ethan@stoneleaf.us> Wrote in message:
> For anyone in the unenviable position of needing [1] to run Python scripts with the setuid bit on, there is an 
> suid-python wrapper [2] that makes this possible.
> 
> When I compiled it I was given a couple warnings.  Can any one shed light on what they mean?
> 
> ==================================================================
> suid-python.c: In function �malloc_abort�:
> suid-python.c:119:17: warning: format �%d� expects argument of type �int�, but argument 3 has type �size_t� [-Wformat]
> suid-python.c: In function �remove_env_prefix�:
> suid-python.c:200:32: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
> suid-python.c:201:32: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
> ==================================================================
> 
> and the code segments in question:
> 
> ==================================================================
> void *
> malloc_abort(size_t size)
> {
>      void *buf;
> 
>      buf = malloc(size);
>      if (!buf)
>      {
>          fprintf(stderr, "Could not allocate %d bytes.  errno=%d\n",
>                  size, errno);

Your variable 'size' is declared as size_t, which is an integer
 the size of a pointer. Not necessarily the same as an int. But if
 your size is reasonable,  no harm done. The correct fix is to use
 some other format rather than % d, I forget what one. Second
 choice is to cast to an int. Third lousy choice,  ignore the
 warning. 


>          exit(1);
>      }
> 
>      return buf;
> }
> ------------------------------------------------------------------
> int
> remove_env_prefix(char **envp, char *prefix)
> {
>      char **envp_read;
>      char **envp_write;
>      int prefix_len = strlen(prefix);
>      int removed_count = 0;
> 
>      envp_write = envp;
>      for (envp_read = envp; *envp_read; envp_read++)
>      {
>          if (!strncmp(*envp_read, prefix, prefix_len))
>          {
>              /* Step past the environment variable that we don't want. */
>              removed_count++;
>              continue;
>          }
> 
>          if (envp_read != envp_write)
>          {
>              *envp_write = *envp_read;
>          }
> 
>          envp_write++;
>      }
> 
>      /* Set the remaining slots to NULL. */
>      if (envp_write < envp_read)
>      {
>          memset(envp_write, 0, ((unsigned int) envp_read -
>                                 (unsigned int) envp_write));

(you really should have put a comment,  so we'd know this is line
 200, 201)

It's incorrect to cast each pointer to an int, but not the
 difference of two pointers.  Subtract the first,  then cast if
 you must.  But the difference of two pointers is type ptr_diff,
 and that should already be the type mem set is expecting.
 

>
> 
> 


-- 
DaveA

Back to comp.lang.python | Previous | NextNext in thread | Find similar | Unroll thread

Thread

Re:Python, Linux, and the setuid bit Dave Angel <davea@davea.name> - 2014-04-14 21:33 -0400
  Re: Python, Linux, and the setuid bit Grant Edwards <invalid@invalid.invalid> - 2014-04-15 15:05 +0000

csiph-web