hi again,<br> Let me clarify what I am doing and what is my approach till now.<br> We have a portal using which users use our compute resources.<br> In zope we use NIS authentication for validating a user.We have many things that requires root/logged in user privledeges.One example is of a 'file system explorer'.In this I have used ZFSpath product.This explorer is used by users to navigate through their home areas and select what ever file they want.As of now I have changed some functions of ZFSpath class which I was using so that they can be executed as the logged in user(since zope does not have rwx permissions on other user's directory).This is just one case.Hope I have cleared myself well.<br>
<br><div class="gmail_quote">On Wed, Apr 9, 2008 at 11:44 PM, Dieter Maurer <<a href="mailto:dieter@handshake.de">dieter@handshake.de</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
rishi pathak wrote at 2008-4-8 18:03 +0530:<br>
<div class="Ih2E3d">> I dont have a need to run all the external method as root, only<br>
>some of them.<br>
<br>
</div>I did understand this *BUT* you do not have a choice.<br>
<br>
While a single ExternalMethod runs as "root", the complete<br>
Zope process runs as root -- and this applies to all<br>
requests which are run in parallel with your ExternalMethod.<br>
<br>
Please reread my former message.<br>
<br>
If you have touble to understand the terms "thread" and/or "process",<br>
consult Wikipedia to get some insight.<br>
<br>
> ...<br>
<div><div></div><div class="Wj3C7c">>On Tue, Apr 8, 2008 at 12:50 AM, Dieter Maurer <<a href="mailto:dieter@handshake.de">dieter@handshake.de</a>> wrote:<br>
><br>
>> rishi pathak wrote at 2008-4-7 17:46 +0530:<br>
>> >There is a requirement for running some external methods as super user.<br>
>> >For this I thought of adding a new parameter.If set the code would be<br>
>> >executed with effective uid of root.<br>
>><br>
>> This is extremely dangerous.<br>
>><br>
>> To run code as super user, you need to change the effective user id.<br>
>> Changing the effective user id affects the whole process -- not just<br>
>> the thread executing your external method.<br>
>> These things are very difficult to handle in a multi threaded environment,<br>
>> in general.<br>
>> Moreover, running internet driven code uncontrolled as super user<br>
>> is likely to be a big security risk.<br>
>><br>
>><br>
>> Let your application write some command to a queue and process<br>
>> the queue asynchronously. The processing can be performed as<br>
>> super user.<br>
>><br>
>> If this is not possible, let your application communicate<br>
>> with another process which runs as super user -- and pass on<br>
>> synchronous commands from your application to this process.<br>
>><br>
>> In both cases, it is ensured that only the restricted command<br>
>> set can be used to run something as super user -- and<br>
>> not some arbitrary code....<br>
<br>
<br>
<br>
--<br>
Dieter<br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Regards--<br>Rishi Pathak<br>