Using sudo with Python script

轻奢々 2020-11-22 15:10

I'm trying to write a small script to mount a VirtualBox shared folder each time I execute the script. I want to do it with Python, because I'm trying to learn it for scri

11 answers
  •  予麋鹿 (original poster)
    2020-11-22 16:04

    Many answers focus on how to make your solution work, while very few suggest that your solution is a very bad approach. If you really want to "practice to learn", why not practice using good solutions? Hardcoding your password is learning the wrong approach!

    If what you really want is a password-less mount for that volume, maybe sudo isn't needed at all! So may I suggest other approaches?

    • Use /etc/fstab as mensi suggested. Use options user and noauto to let regular users mount that volume.

    • Use Polkit for passwordless actions: Configure a .policy file for your script with yes and drop at /usr/share/polkit-1/actions

    • Edit /etc/sudoers to allow your user to use sudo without typing your password.

    All the above allow passwordless root privilege, none require you to hardcode your password. Choose any approach and I can explain it in more detail.

    As for why it is a very bad idea to hardcode passwords, here are a few good links for further reading:

    • http://www.security-faqs.com/why-you-shouldnt-hard-code-your-passwords-when-programming.html
    • https://security.web.cern.ch/security/recommendations/en/password_alternatives.shtml
    • https://security.stackexchange.com/questions/92465/whats-more-secure-hard-coding-credentials-or-storing-them-in-a-database
    • https://blogs.manageengine.com/it-security/passwordmanagerpro/2010/02/17/use-of-hard-coded-credentials-a-dangerous-programming-error-cwe.html
    • https://www.csoonline.com/article/3038302/application-development/hard-coded-passwords-remain-a-key-security-flaw.html
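
Added example, not part of the answer above and not the answerer's code: a Python sketch of the `/etc/fstab` approach, which checks that the mount point has an entry with the `user` option and then runs plain `mount` with no sudo and no stored password. The share name `shared`, the mount point `/mnt/shared` and the sample fstab text are constructed assumptions.

```python
import os
import subprocess
import sys

# Constructed sample /etc/fstab content; share names and mount points are assumptions.
SAMPLE_FSTAB = """\
# <fs>                 <mountpoint>  <type>  <opts>             <dump> <pass>
UUID=0000-constructed  /             ext4    errors=remount-ro  0      1
shared                 /mnt/shared   vboxsf  user,noauto,rw     0      0
backup                 /mnt/backup   vboxsf  noauto,rw          0      0
"""

def fstab_options(fstab_text, mountpoint):
    """Return the option list of the fstab entry for mountpoint, or None."""
    want = os.path.normpath(mountpoint)
    for line in fstab_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue  # blank line or comment
        if len(fields) >= 4 and os.path.normpath(fields[1]) == want:
            return fields[3].split(",")
    return None

def user_may_mount(fstab_text, mountpoint):
    """True if the entry lets a regular user mount it (later options win)."""
    allowed = False
    for opt in fstab_options(fstab_text, mountpoint) or []:
        if opt in ("user", "users"):
            allowed = True
        elif opt in ("nouser", "defaults"):  # 'defaults' implies nouser
            allowed = False
    return allowed

def mount_share(mountpoint, fstab_path="/etc/fstab"):
    """Mount via the fstab entry as the calling user; no password involved."""
    with open(fstab_path) as fh:
        text = fh.read()
    if not user_may_mount(text, mountpoint):
        raise PermissionError(f"{mountpoint}: no fstab entry with the 'user' option")
    if os.path.ismount(mountpoint):
        return False  # already mounted, nothing to do
    subprocess.run(["mount", mountpoint], check=True)  # argv list, no shell
    return True

if __name__ == "__main__":
    mount_share(sys.argv[1] if len(sys.argv) > 1 else "/mnt/shared")
```

Because `mount` is given only the mount point, the device, filesystem type and options all come from the root-owned `/etc/fstab`, so the script cannot be used to mount anything the administrator did not list there.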
