如何 sudo 当前进程?
是否可以使用 sudo 前端(如 gksudo)来提升当前进程的权限?我知道我可以执行以下操作:
sudo cat /etc/passwd-
但我对此很感兴趣:
sudo-become-root # magic function/command
cat /etc/passwd-
我正在用 Python 编写。我的用例是,我有一个以用户身份运行的程序,但可能会遇到要读取/写入 root 拥有的文件。我想提示输入密码,获得 root 权限,执行我需要的操作,然后可以选择再次放弃权限。
我知道我可以将管理逻辑和非管理逻辑分离到单独的进程中,然后以 root 身份运行管理进程(通过一些通信——policykit/dbus 在这里很适合)。但我希望有一个更简单(尽管无疑风险更大)的解决方案。
我正在考虑通过 sudo 运行 Solaris 的 ppriv 来修改当前进程的权限。这看起来像是一个虽然简单但可行的往返。但据我所知,linux不提供ppriv。
(我很惊讶这并不明显;这似乎是一个并不罕见的事情,并且似乎不是一个安全漏洞,允许在升级过程中升级新版本过程。)
Is it possible to use a sudo frontend (like gksudo) to elevate the privileges of the current process? I know I can do the following:
sudo cat /etc/passwd-
But I'm interested in doing this:
sudo-become-root # magic function/command
cat /etc/passwd-
I'm writing in Python. My usecase is that I have a program that runs as the user, but may encounter files to read/write that are root-owned. I'd like to prompt for password, gain root privileges, do what I need, and then optionally drop privileges again.
I know I could separate admin logic and non-admin logic into separate processes, and then just run the admin process as root (with some communication -- policykit/dbus would be a good fit here). But I was hoping for a much simpler (though admittedly more risky) solution.
I'm thinking something like running Solaris's ppriv through sudo to then modify the current process's privileges. Which seems like a hacky-but-workable roundtrip. But as far as I know, linux doesn't offer ppriv.
(I'm surprised this isn't obvious already; it seems like a not-uncommon thing to want and doesn't seem to be a security hole to allow escalation in-process over escalation of a new process.)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(8)
Aptitude 有一个“成为root”选项。您可能想看看作者在那里做了什么。
Aptitude has a "become root" option. You may wish to see what the author did there.
不幸的是,我不知道有什么方法可以干净地做你想做的事情。我认为你最好的选择是让程序 setuid (或在 sudo 下运行它),然后要么做你的肮脏工作并删除权限,要么 fork() 并从一个进程中删除权限并保留另一个进程来完成你的根工作。
您正在寻找的是 setuid(2) / setreuid(2) / setregid(2) / setgroups(2) 调用,但它们都是硬连线的,不允许您在调用过程中获得特权。据我所知,你只能用它们来“放弃”特权。
Unfortunately, I'm not aware of a way to do what you want to do cleanly. I think your best bet is to make the program setuid (or run it under sudo) and then either do your dirty work and drop permissions, or fork() and drop permissions from one process and keep the other one around to do your root work.
What you're looking for are the setuid(2) / setreuid(2) / setregid(2) / setgroups(2) calls, but they are all hard wired to not allow you to gain privileges mid-invocation. You can only use them to "give away" privileges, as far as I know.
如果您想干净地处理程序内的管理权限,您可能需要使用 PolicyKit 而不是比 sudo 更重要,具体取决于您计划运行程序的操作系统。
有关 Python 的 PolicyKit,请参阅 python-slip。
否则,有两种方法可以调用 sudo 成为 root:
将使您成为 root 并保留当前环境(相当于
sudo su)将使您成为 root 并给您 root 的环境(相当于 < code>sudo su -)
处理问题的另一种方法是考虑你拥有你需要的权限,并让程序的用户选择如何授予你的程序权限(使用 sudo/setuid/ Unix 组/其他)。
另请参阅同一主题的有关 ServerFault 的此问题。
If you want to deal cleanly with administrative rights inside a program, you might want to use PolicyKit rather than sudo, depending on the OS you plan to run your program on.
For PolicyKit for Python, see python-slip.
Otherwise, there are two ways to call sudo to become root:
will make you root and keep your current environment (equivalent to
sudo su)will make you root and give you root's environment, too (equivalent to
sudo su -)Another way of dealing with the problem is to consider that you have the rights you need, and let the user of the program choose how to give the rights to your program (using sudo/setuid/unix groups/whatever else).
See also this question on ServerFault on the same subject.
你的神奇功能/命令可能是
Your magic function/command could be
输出是:
The output is:
我不喜欢能够以 root 身份从权限较低的进程运行任意命令的想法。然而,既然你想要它,想到的想法之一就是保留 setuid 受限 shell 它只能执行您感兴趣的命令。然后,您可以使用
subprocess.Popen函数来使用此受限 shell 来运行命令,该 shell 将以提升的权限运行该命令。I don't like the idea of being able to run arbitrary commands as root from a lower privileged process. However, since you want it, one of the ideas that comes to mind is to keep a setuid restricted shell which can only execute the commands you're interested in allowing. You can then use the
subprocess.Popenfunctions to run your command using this restricted shell that will run it with elevated privileges.我想知道这是否可行:
将另一个组添加到您的系统中,将脚本安装为根程序,并让 sudoers 文件包含允许该组执行脚本的行。最后将该组添加到需要运行脚本的帐户列表中。
然后,该脚本只能由 root 或在启动时提供帐户密码后设置的组中具有特殊组的任何帐户运行。
有关其他选项,请参阅 Sudo 手册。
I wonder if this would work:
Add another group to your system, install the script as a root program and have the sudoers file contain a line that allows the script to be executed by this group. Finally add the group to the list of accounts that need to run the script.
Then the script can only be run by root or any account that has the special group in the group set after supplying the account password at the start.
See Sudo Manual for other options.
您想要使用 PAM 进行身份验证。这里有一个示例。
You want to authenticate with PAM. There's an example here.