def deescalate_sudo():
uid = os.environ.get('SUDO_UID')
gid = os.environ.get('SUDO_GID')
if uid and gid:
uid = int(uid)
gid = int(gid)
# username = pwd.getpwuid(uid).pw_name
# groups = [g.gr_gid for g in grp.getgrall() if username in g.gr_mem]
os.setgroups([]) # for now loose supplementary groups
os.setregid(int(gid), int(gid))
os.setreuid(int(uid), int(uid))
评论列表
文章目录