Authorization is currently at its first public release, 0.1.
1importos,sys,struct,tempfile 2fromAuthorizationimportAuthorization,kAuthorizationFlagDestroyRights 3 4AUTHORIZEDTOOL ="#!%s\n%s" % (sys.executable, 5r""" 6import os 7print os.getuid(), os.geteuid() 8os.setuid(0) 9print "I'm root!" 10""") 11 12defmain(): 13auth =Authorization(destroyflags=(kAuthorizationFlagDestroyRights,)) 14fd,name =tempfile.mkstemp('.py') 15os.write(fd,AUTHORIZEDTOOL) 16os.close(fd) 17os.chmod(name,0700) 18try: 19pipe =auth.executeWithPrivileges(name) 20sys.stdout.write(pipe.read()) 21pipe.close() 22finally: 23os.unlink(name) 24 25if__name__=='__main__': 26main()This will not compile directly on Leopard. You will need to change line 14 of Authorization.pxi from "raise" to "raise _err".
The following shows a concrete example for using this with Leopard.
# This has been tested on a Mac OS X 10.5.5 Leopard stock Python installation# on October 25, 2008# The following is sufficient for using Pyrex,# it doesn't need to be installedexport PATH=$HOME/Downloads/Pyrex-0.9.8.5:$PATHexport PYTHONPATH=$HOME/Downloads/Pyrex-0.9.8.5:$PYTHONPATHcd $HOME/Downloads/Authorization-0.1# Solve "Use __cinit__ instead"perl -pi -e 's/__new__/__cinit__/g' ./src/Authorization.pxi# Solve "Reraise not inside except clause"perl -pi -e 's/raise /#raise /g' ./src/Authorization.pxi# Compile, but do not installpython ./setup.py build_ext --inplace# Solve "cannot import name kAuthorizationFlagDestroyRights"perl -pi -e 's/, kAuthorizationFlagDestroyRights//g' ./test/test.pyperl -pi -e 's/destroyflags=\(kAuthorizationFlagDestroyRights,\)//g' ./test/test.py# Testexport PYTHONPATH=./lib/:$PYTHONPATHpython test/test.py# should give:# I'm root!