Python fails to execute firefox webbrowser from a root executed script with privileges drop

Question

I can't run firefox from a sudoed python script that drops privileges to normal user. If i write

$ sudo python
>>> import os
>>> import pwd, grp
>>> uid = pwd.getpwnam('norby')[2]
>>> gid = grp.getgrnam('norby')[2]
>>> os.setegid(gid)
>>> os.seteuid(uid)
>>> import webbrowser
>>> webbrowser.get('firefox').open('www.google.it')
True
>>> # It returns true but doesn't work
>>> from subprocess import Popen,PIPE
>>> p = Popen('firefox www.google.it', shell=True,stdout=PIPE,stderr=PIPE)
>>> # Doesn't execute the command
>>> You shouldn't really run Iceweasel through sudo WITHOUT the -H option.
Continuing as if you used the -H option.
No protocol specified
Error: cannot open display: :0

I think that is not a python problem, but firefox/iceweasel/debian configuration problem. Maybe firefox read only UID and not EUID, and doesn't execute process because UID is equal 0. What do you think about?

Answer 1

This could be your environment. Changing the permissions will still leave environment variables like $HOME pointing at the root user's directory, which will be inaccessible. It may be worth trying altering these variables by changing os.environ before launching the browser. There may also be other variables worth checking.