Thursday, 15 January 2015

Python 2.7.3 errno 13 opening 777 permission file using effective uid -



Python 2.7.3 errno 13 opening 777 permission file using effective uid -

i have file has 777 permissions in linux within directory 2770. root, starting python interactively , trying set effective uid user without root privs (my regular user account, uid 1010) access file, getting errno 13

os: linux (rhel6u3) python: 2.7.3 parent directory permissions: 2770 (root owned, user uid in group) file permissions: 777 (-rwxrwxrwx)

the root parent dir:

[root@server / ]# ls -aflhd test 64k drwxrwxrwx 4 root fstest 2.1k feb 14 20:42 test/

the parent dir:

[root@server /test ]# ls -aflhd t1 64k drwxrws--- 4 root fstest 2.1k feb 14 20:42 t1/

the file:

[root@server /test/t1]# ls -aflh 06.dd -rwxrwxrwx 1 root root 1.0g feb 14 19:34 06.dd*

how produce problem:

[root@server /test/t1]# python python 2.7.3 (default, jan 22 2013, 16:23:20) [gcc 4.4.6 20120305 (red hat 4.4.6-4)] on linux2 type "help", "copyright", "credits" or "license" more information. >>> import os >>> print(os.getresuid(),os.getresgid()) ((0, 0, 0), (0, 0, 0)) >>> os.stat("06.dd") posix.stat_result(st_mode=33279, st_ino=1064458, st_dev=64513l, st_nlink=1, st_uid=0, st_gid=0, st_size=1073741824, st_atime=1360875706, st_mtime=1360870449, st_ctime=1360875600) >>> fp = open("06.dd") >>> fp.close() >>> os.seteuid(1010) >>> print(os.getresuid(),os.getresgid()) ((0, 1010, 0), (0, 0, 0)) >>> fp = open("06.dd") traceback (most recent phone call last): file "<stdin>", line 1, in <module> ioerror: [errno 13] permission denied: '06.dd'

so here's unusual part ... if alter permissions of parent directory 777, fp=open("06.dd") works os.seteuid(1010)!

and stranger part: if su user , run python interactively way, works fine without having set file 777!

[root@server /test/t1]# su - user ; cd /test/t1/ [user@server /test/t1 ]$ python python 2.7.3 (default, jan 22 2013, 16:23:20) [gcc 4.4.6 20120305 (red hat 4.4.6-4)] on linux2 type "help", "copyright", "credits" or "license" more information. >>> import os >>> print(os.getresuid(),os.getresgid()) ((1010, 1010, 1010), (1000, 1000, 1000)) >>> os.stat("06.dd") posix.stat_result(st_mode=33279, st_ino=1064458, st_dev=64513l, st_nlink=1, st_uid=0, st_gid=0, st_size=1073741824, st_atime=1360875706, st_mtime=1360870449, st_ctime=1360875600) >>> fp = open("06.dd") >>> fp.close()

what's going on? i'm thoroughly confused @ point.

you're not owner of t1, owner permissions not apply you.

in first case, effective grouping not fstest group, grouping permissions not apply either. in sec case, effective grouping fstest group, because su clever plenty set effective grouping effective user (they separate scheme calls). seek using

os.setegid(1000) os.seteuid(1010) fp = open("06.dd")

python file-permissions errno

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)