Ticket #428: droppriv.patch

_cpengine.py

old	new
40	40
41	41
42	42	class Engine(object):
43		"""~~The application engine, which exposes a request interface to (HTTP) server~~s."""
	43	"""Application interface for (HTTP) servers, plus process controls."""
44	44
45	45	# Configurable attributes
46	46	request_class = _cprequest.Request
…	…
240	240	t.start()
241	241
242	242	self.start()
	243
	244	# Special thanks to Gavin Baker: http://antonym.org/node/100.
	245	try:
	246	import pwd, grp
	247	except ImportError:
	248	try:
	249	os.umask
	250	except AttributeError:
	251	def drop_privileges(self):
	252	"""Drop privileges. Not available."""
	253	raise NotImplementedError
	254	else:
	255	# A very conservative umask
	256	umask = 077
	257
	258	def drop_privileges(self):
	259	"""Drop privileges. Windows version (umask only)."""
	260	if self.umask is not None:
	261	old_umask = os.umask(self.umask)
	262	cherrypy.log('umask old: %03o, new: %03o' %
	263	(old_umask, self.umask), "PRIV")
	264	else:
	265	uid = None
	266	gid = None
	267	# A very conservative umask
	268	umask = 077
	269
	270	def drop_privileges(self):
	271	"""Drop privileges. UNIX version (uid, gid, and umask)."""
	272	if not (self.uid is None and self.gid is None):
	273	def names():
	274	name = pwd.getpwuid(os.getuid())[0]
	275	group = grp.getgrgid(os.getgid())[0]
	276	return name, group
	277
	278	cherrypy.log('Started as %r/%r' % names(), "PRIV")
	279	if self.gid is not None:
	280	os.setgid(grp.getgrnam(self.gid)[2])
	281	if self.uid is not None:
	282	os.setuid(pwd.getpwnam(self.uid)[2])
	283	cherrypy.log('Running as %r/%r' % names(), "PRIV")
	284
	285	if self.umask is not None:
	286	old_umask = os.umask(self.umask)
	287	cherrypy.log('umask old: %03o, new: %03o' %
	288	(old_umask, self.umask), "PRIV")
243	289
244	290
245	291	class NotReadyRequest:

Download in other formats:

Original Format