0

I'm writing a small extendable server management console, and I'd like to run it as a separate user that is really limited in actions - for security, of course, actually, I see no better way to do this. When somebody enters that console and tries to make some action that requires root privileges, such as putting network interface down, he'd be asked for a sudo password to do so, then this password would be used for the system to check if user has right to sudo, then - to execute the command. I've found one solution:

import os
os.popen("sudo -S somecommand", 'w').write("mypassword")

But it doesn't really seem like a Pythonic way... Or is it?

Also, in technical English, is there any difference between "elevating" and "escalating" privileges?

Арсений Пичугин
  • 507
  • 4
  • 14
  • Unix does not offer a way to switch the user without already having root permissions. The only workaround to achieve this nevertheless is by calling a program with setuid-bit (like sudo). Calling a different process, however, is typically out of the scope of a programming language like Python. So I guess there won't be a very Pythonic way of solving your issue. – Alfe Jan 07 '14 at 10:41
  • There's also the [`os.execl`](http://docs.python.org/2/library/os.html#os.execl) family of functions... – mgilson Jan 07 '14 at 10:41

0 Answers0