[Twisted-Python] Re: Switch to a different uid/gid after binding reserved ports (G
W.J.
miathan at goliath.darktech.org
Mon Jun 9 06:33:00 MDT 2003
> I have now had a chance to test this on HP-UX11i and have discovered a
> problem.
>
> The code for Application.setUID() calls os.getgid() expecting it to
> return 0
Why on earth would you want to check or enforce someone is in group 0?
Being in group 0 doesn't have any 'magic' like uid 0 has, well, it
might have on some operating systems, but it's not a portable way.
Some unices don't even have a special *user* ID 0 but have security
based on process privileges. You shouldn't assume setuid or setgid to
fail/succeed based on those numbers.
IMO the best way is to just try to setuid/setgid if requested, if it is
not allowed you'll get an EPERM soon enough anyway.
Wladimir
More information about the Twisted-Python
mailing list