| This is an automatically generated e-mail. To reply, visit: http://reviewboard-fedoraserver.rhcloud.com/r/131/ |
| src/rolekit/async.py (Diff revision 1) | |||
|---|---|---|---|
def input_handler(unused_fd, condition, unused_data): |
|||
| 285 | if (uid and not gid) or (gid and not uid): |
||
Note that 0 is False in Python.
How about (untested)
if (uid is None) != (gid is None):
| src/rolekit/async.py (Diff revision 1) | |||
|---|---|---|---|
def input_handler(unused_fd, condition, unused_data): |
|||
| 294 | def demote(user_uid, user_gid): |
||
AFAICS calling the demote() function is superfluous and, to me, confusing; we only need to pass the set_ids callable.
| src/rolekit/async.py (Diff revision 1) | |||
|---|---|---|---|
def input_handler(unused_fd, condition, unused_data): |
|||
| 298 | os.setgid(user_gid) |
||
| 299 | os.setuid(user_uid) |
||
setre[ug]id() to make it explicit that both are changed?
| src/rolekit/async.py (Diff revision 1) | |||
|---|---|---|---|
def input_handler(unused_fd, condition, unused_data): |
|||
| 301 | if user_uid and user_gid: |
||
One way to fix: move this check inside set_ids(), and then call Popen(… preexec_fn=set_ids)
Another way, more similar to the current code:
if (user_uid is not None or user_gid is not None): # minimal cleanup related to 0/none and being paranoid preexec_fn = set_ids else: preexec_fn = None … and then call Popen(…, preexec_fn=preexec_fn) (change names as you like)
- Miloslav Trmac
On leden 20th, 2015, 7:12 odp. CET, Stephen Gallagher wrote:
|
Review request for RoleKit Mailing List, Miloslav Trmac, Stephen Gallagher, and Thomas Woerner.
By Stephen Gallagher.
Updated Led. 20, 2015, 7:12 odp.
Repository:
rolekit
Description
Diffs
|