You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
You recommend using a dedicated user on the system for the python service to avoid using root and thus prevent avoidable security risks.
I find this to be a very good practice, and to build up on this I think some hints could help adopt it. A full explanation of the subject would probably be outside the scope, but letting the user know in which direction to search can help.
An example would be adding the user to the right system group which has execution privileges. On the RaspberryPi, a user needs to be added to the gpio group in order to use the pins on the board through Python. Say the python_demo_service user needs to use the pins in a Python script:
#adduser python_demo_service gpio
Another example could show sudo. I believe most modern operating systems use, or provide an easy way to install, sudo. With that in mind, the following simple set of commands could help a non root user to execute a system command:
Say the python_demo_service user needs to be able to shutdown the system:
This is a subject on its own that deserves full understanding from the user, but a few examples, as long as they don't introduce security risks or bad practices, can help a lot to get started.
The text was updated successfully, but these errors were encountered:
You recommend using a dedicated user on the system for the python service to avoid using root and thus prevent avoidable security risks.
I find this to be a very good practice, and to build up on this I think some hints could help adopt it. A full explanation of the subject would probably be outside the scope, but letting the user know in which direction to search can help.
An example would be adding the user to the right system group which has execution privileges. On the RaspberryPi, a user needs to be added to the
gpiogroup in order to use the pins on the board through Python. Say thepython_demo_serviceuser needs to use the pins in a Python script:#adduser python_demo_service gpioAnother example could show
sudo. I believe most modern operating systems use, or provide an easy way to install,sudo. With that in mind, the following simple set of commands could help a non root user to execute a system command:Say the
python_demo_serviceuser needs to be able to shutdown the system:This is a subject on its own that deserves full understanding from the user, but a few examples, as long as they don't introduce security risks or bad practices, can help a lot to get started.
The text was updated successfully, but these errors were encountered: