Commit 34e49e6b authored by Philip ABBET's avatar Philip ABBET

Attempt to change to an user with less privileges

parent f0c66547
...@@ -52,6 +52,8 @@ import logging ...@@ -52,6 +52,8 @@ import logging
import os import os
import sys import sys
import docopt import docopt
import pwd
import stat
import zmq import zmq
...@@ -121,6 +123,28 @@ def main(): ...@@ -121,6 +123,28 @@ def main():
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
# Attempt to change to an user with less privileges
try:
# First determine if the user exists. If not, none of the following lines will
# be executed
newuid = pwd.getpwnam('beat-nobody').pw_uid
# Next, ensure that the needed files are readable by the 'beat-nobody' user
access = stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR | stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH
os.chmod(args['<dir>'], access)
for root, dirs, files in os.walk(args['<dir>']):
for d in dirs:
os.chmod(os.path.join(root, d), access)
for f in files:
os.chmod(os.path.join(root, f), access)
# Change the user
os.setuid(newuid)
except:
pass
# Creates the 0MQ socket for communication with BEAT # Creates the 0MQ socket for communication with BEAT
context = zmq.Context() context = zmq.Context()
socket = context.socket(zmq.PAIR) socket = context.socket(zmq.PAIR)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment