Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Users Search
Help Dashboard Sign In Sign Up
Q&A Code Reviews Meta
Q&A
Posts Tags Edits
Ask Question

Welcome to Software Development on Codidact!

Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.

Post History

71%
+3 −0
Q&A Privilege escalation from Python like from systemd

Generallly (assuming no exploit is found) it's not possible to escalate the privileges of an already running process, except via code that itself has kernel level access (running in ring 0 - this i...

posted 7mo ago by Karl Knechtel‭  ·  edited 7mo ago by Karl Knechtel‭

Answer
#2: Post edited by user avatar Karl Knechtel‭ · 2024-04-10T23:32:01Z (7 months ago)
misc typos
  • Generallly (assuming no exploit is found) it's not possible to escalate the privileges of an already running process, except via code that itself has kernel level access (running in ring 0). This is presumably how `systemd` is able to do it. But from your own Python program running in user-land (as a script being interpreted by the `python` executable`), you can only do this by starting a new process.
  • Fortunately, it's easy enough in Python to start new processes using the `subprocess` standard library. We can also use `os.geteuid` to determine Python's "effective user id" - i.e., `0` when the script is running as root, and nonzero otherwise. This allows us to create a script that spawns itself via `sudo` when not already running as root, and proceeds normally when it is. Something like:
  • ```python
  • #!/usr/bin/env python
  • # (or whatever other shebang is appropriate)
  • import os, sys, subprocess
  • # actual code to run as root, when this file is run as a script
  • def main():
  • ...
  • if __name__ == '__main__':
  • if os.geteuid() == 0:
  • sys.exit(main())
  • else:
  • # assuming our script has chmod+x
  • sys.exit(subprocess.call(['sudo', *sys.argv]))
  • ```
  • Of course, the sudoers file can also be modified to allow running the script as root without a password. But for the use case of a script that only occasionally expects escalated privileges, it might be better to ask each time (the user likely wants a warning!) - and to defer the subprocess logic until it's actually necessary. This is tricky to set up; it may be easier to put the root-requiring logic in a separate script file (and perhaps use the standard output and/or error code of the root process to communicate back to the main program).
  • ----
  • References:
  • * [Elevate privileges of running process](https://stackoverflow.com/questions/60074468) on Stack Overflow
  • * [Write to a file with sudo privileges in Python](https://stackoverflow.com/questions/39499233) on Stack Overflow
  • * [How do I sudo a command in a script without being asked for a password?](https://askubuntu.com/questions/155791) on Ask Ubuntu
  • Generallly (assuming no exploit is found) it's not possible to escalate the privileges of an already running process, except via code that itself has kernel level access (running in ring 0 - this is presumably how `systemd` is able to do it). But from your own Python program running in user-land (as a script being interpreted by the `python` executable), you can only do this by starting a new process.
  • Fortunately, it's easy enough in Python to start new processes using the `subprocess` standard library. We can also use `os.geteuid` to determine Python's "effective user id" - i.e., `0` when the script is running as root, and nonzero otherwise. This allows us to create a script that spawns itself via `sudo` when not already running as root, and proceeds normally when it is. Something like:
  • ```python
  • #!/usr/bin/env python
  • # (or whatever other shebang is appropriate)
  • import os, sys, subprocess
  • # actual code to run as root, when this file is run as a script
  • def main():
  • ...
  • if __name__ == '__main__':
  • if os.geteuid() == 0:
  • sys.exit(main())
  • else:
  • # assuming our script has chmod+x
  • sys.exit(subprocess.call(['sudo', *sys.argv]))
  • ```
  • Of course, the sudoers file can also be modified to allow running the script as root without a password. But for the use case of a script that only occasionally expects escalated privileges, it might be better to ask each time (the user likely wants a warning!) - and to defer the subprocess logic until it's actually necessary. This is tricky to set up; it may be easier to put the root-requiring logic in a separate script file (and perhaps use the standard output and/or error code of the root process to communicate back to the main program).
  • ----
  • References:
  • * [Elevate privileges of running process](https://stackoverflow.com/questions/60074468) on Stack Overflow
  • * [Write to a file with sudo privileges in Python](https://stackoverflow.com/questions/39499233) on Stack Overflow
  • * [How do I sudo a command in a script without being asked for a password?](https://askubuntu.com/questions/155791) on Ask Ubuntu
#1: Initial revision by user avatar Karl Knechtel‭ · 2024-04-10T23:31:02Z (7 months ago) 
Generallly (assuming no exploit is found) it's not possible to escalate the privileges of an already running process, except via code that itself has kernel level access (running in ring 0). This is presumably how `systemd` is able to do it. But from your own Python program running in user-land (as a script being interpreted by the `python` executable`), you can only do this by starting a new process.

Fortunately, it's easy enough in Python to start new processes using the `subprocess` standard library. We can also use `os.geteuid` to determine Python's "effective user id" - i.e., `0` when the script is running as root, and nonzero otherwise. This allows us to create a script that spawns itself via `sudo` when not already running as root, and proceeds normally when it is. Something like:

```python
#!/usr/bin/env python
# (or whatever other shebang is appropriate)

import os, sys, subprocess

# actual code to run as root, when this file is run as a script
def main(): 
    ...

if __name__ == '__main__':
    if os.geteuid() == 0:
        sys.exit(main())
    else:
        # assuming our script has chmod+x
        sys.exit(subprocess.call(['sudo', *sys.argv]))
```

Of course, the sudoers file can also be modified to allow running the script as root without a password. But for the use case of a script that only occasionally expects escalated privileges, it might be better to ask each time (the user likely wants a warning!) - and to defer the subprocess logic until it's actually necessary. This is tricky to set up; it may be easier to put the root-requiring logic in a separate script file (and perhaps use the standard output and/or error code of the root process to communicate back to the main program).

----

References: 

* [Elevate privileges of running process](https://stackoverflow.com/questions/60074468) on Stack Overflow

* [Write to a file with sudo privileges in Python](https://stackoverflow.com/questions/39499233) on Stack Overflow

* [How do I sudo a command in a script without being asked for a password?](https://askubuntu.com/questions/155791) on Ask Ubuntu