Python 2.7.3 errno 13 opening 777 permission file using effective uid

StackOverflow https://stackoverflow.com/questions/14884855

  •  09-03-2022
  •  | 
  •  

質問

I have a file that has 777 permissions in Linux inside a directory that is 2770. As root, I am starting Python interactively and trying to set the effective UID to a user without root privs (my regular user account, UID 1010) to access the file, but I am getting Errno 13

OS: Linux (RHEL6U3)
Python: 2.7.3
Parent Directory permissions: 2770 (root owned, user UID is in group)
File Permissions: 777 (-rwxrwxrwx)


The root parent dir:

[root@server / ]#  ls -AFlhd test
64K drwxrwxrwx  4 root FSTEST    2.1K Feb 14 20:42 test/


The parent dir:

[root@server /test ]#  ls -AFlhd t1
64K drwxrws---  4 root FSTEST    2.1K Feb 14 20:42 t1/


The file:

[root@server /test/t1]#  ls -AFlh 06.dd
-rwxrwxrwx 1 root   root             1.0G Feb 14 19:34 06.dd*


How to produce the problem:

[root@server /test/t1]#  python
Python 2.7.3 (default, Jan 22 2013, 16:23:20) 
[GCC 4.4.6 20120305 (Red Hat 4.4.6-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.

>>> import os
>>> print(os.getresuid(),os.getresgid())
((0, 0, 0), (0, 0, 0))

>>> os.stat("06.dd")
posix.stat_result(st_mode=33279, st_ino=1064458, st_dev=64513L, st_nlink=1, st_uid=0, st_gid=0, st_size=1073741824, st_atime=1360875706, st_mtime=1360870449, st_ctime=1360875600)

>>> fp = open("06.dd")
>>> fp.close()
>>> os.seteuid(1010)
>>> print(os.getresuid(),os.getresgid())
((0, 1010, 0), (0, 0, 0))

>>> fp = open("06.dd")
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
IOError: [Errno 13] Permission denied: '06.dd'

So here's the unusual part ... if I change the permissions of the parent directory to 777, the fp=open("06.dd") works with os.seteuid(1010)!

And the even stranger part: If I su to my user and run Python interactively that way, it also works just fine without having to set the file to 777!

[root@server /test/t1]#  su - user ; cd /test/t1/
[user@server /test/t1 ]$ python
Python 2.7.3 (default, Jan 22 2013, 16:23:20) 
[GCC 4.4.6 20120305 (Red Hat 4.4.6-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> print(os.getresuid(),os.getresgid())
((1010, 1010, 1010), (1000, 1000, 1000))

>>> os.stat("06.dd")
posix.stat_result(st_mode=33279, st_ino=1064458, st_dev=64513L, st_nlink=1, st_uid=0, st_gid=0, st_size=1073741824, st_atime=1360875706, st_mtime=1360870449, st_ctime=1360875600)

>>> fp = open("06.dd")
>>> fp.close()

What's going on? I'm thoroughly confused at this point.

役に立ちましたか?

解決

You're not the owner of t1, so the owner permissions do not apply to you.

In the first case, your effective group is not the FSTEST group, so the group permissions do not apply to you either. In the second case, your effective group is the FSTEST group, because su is clever enough to set your effective group as well as your effective user (they are separate system calls). Try using

os.setegid(1000)
os.seteuid(1010)
fp = open("06.dd")
ライセンス: CC-BY-SA帰属
所属していません StackOverflow
scroll top