[New-bugs-announce] [issue32347] System Integrity Protection breaks shutil.copystat()
report at bugs.python.org
Sat Dec 16 11:45:01 EST 2017
New submission from Ryan Govostes <rgovostes+python at gmail.com>:
On macOS, shutil.copystat() uses chflags() to try to copy filesystem flags from the source to destination.
In recent years, Apple introduced System Integrity Protection, which prevents modification of system files. These files have the non-standard SF_RESTRICTED flag set, which only the superuser can set.
Thus, unprivileged users can no longer use shutil.copy2() et al. to copy system files, which is a regression from previous releases of the OS.
It's unclear what the correct behavior should be: It some cases, it would be desirable to attempt to copy the bit.
It might be informative to look at the behavior of Apple's `copyfile_stat` function, which unsets these two flags:
* File flags that are not preserved when copying stat information.
#define COPYFILE_OMIT_FLAGS (UF_TRACKED | SF_RESTRICTED)
This was also filed to Apple as rdar://36090921
nosy: Ryan Govostes, ned.deily, ronaldoussoren
title: System Integrity Protection breaks shutil.copystat()
versions: Python 3.6
Python tracker <report at bugs.python.org>
More information about the New-bugs-announce