If Scriptform is running as root, drop privileges to 'nobody' by default. Otherwise, don't drop privileges before executing scripts.
parent
901e0d5938
commit
03f655b6e6
@ -0,0 +1,25 @@ |
||||
ScriptForm test example |
||||
========================= |
||||
|
||||
This test example shows the usage of the `run_as` functionality. If we specify a `run_as` field in a form like so: |
||||
|
||||
|
||||
"forms": [ |
||||
{ |
||||
"name": "run_as", |
||||
"title": "Run as...", |
||||
"description": "", |
||||
"submit_title": "Run", |
||||
"run_as": "man", |
||||
"script": "job_run_as.py", |
||||
"fields": [] |
||||
} |
||||
] |
||||
|
||||
Scriptform will try to run the script as that user (in this case: `man`). This |
||||
requires Scriptform to be running as root. |
||||
|
||||
If no `run_as` is given in a script, Scriptform will execute scripts as the |
||||
current user (the one running Scriptform). If, however, Scriptform is being run |
||||
as root and you don't specify a `run_as` user, the scripts will run as user |
||||
`nobody` for security considerations! |
@ -0,0 +1,21 @@ |
||||
#!/usr/bin/python |
||||
|
||||
import os |
||||
import pwd |
||||
import grp |
||||
|
||||
pw = pwd.getpwuid(os.getuid()) |
||||
gr = grp.getgrgid(pw.pw_gid) |
||||
groups = [g.gr_gid for g in grp.getgrall() if pw.pw_name in g.gr_mem] |
||||
priv_esc = True |
||||
try: |
||||
os.seteuid(0) |
||||
except OSError: |
||||
priv_esc = False |
||||
|
||||
print """Running as: |
||||
|
||||
uid = {0} |
||||
gid = {1} |
||||
groups = {2}""".format(pw.pw_uid, gr.gr_gid, str(groups)) |
||||
|
@ -0,0 +1,15 @@ |
||||
{ |
||||
"title": "Run as", |
||||
"forms": [ |
||||
{ |
||||
"name": "run_as", |
||||
"title": "Run as...", |
||||
"description": "", |
||||
"submit_title": "Run", |
||||
"run_as": "man", |
||||
"script": "/tmp/test/job_run_as.py", |
||||
"fields": [ |
||||
] |
||||
} |
||||
] |
||||
} |
Loading…
Reference in new issue