bug in os.getgroups?
Jason R. Mastaler
jason-exp-1025465152.e12cd5 at mastaler.com
Tue Jun 25 15:25:52 EDT 2002
I've noticed that if you set both the real and effective uid and gid
of a process (as root), os.getgroups() still shows root's supplemental
groups listed, yet you cannot delete a file that one of the
supplemental groups has permission to delete. Any explanations?
For example:
# id johndoe
uid=667(johndoe) gid=31(guest) groups=31(guest)
# id root
uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty), 5(operator), 20(staff), 31(guest)
# ls -l /tmp/junk
-rw-rw-r-- 1 root staff 0 Jun 25 13:19 /tmp/junk
# python
Python 2.2.1 (#1, Apr 22 2002, 10:19:01)
[GCC 2.95.3 20010315 (release) [FreeBSD]] on freebsd4
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> os.setgid(31)
>>> os.setuid(667)
>>> os.getgroups()
[31, 0, 2, 3, 4, 5, 20, 31]
>>> os.unlink('/tmp/junk')
Traceback (most recent call last):
File "<stdin>", line 1, in ?
OSError: [Errno 1] Operation not permitted: '/tmp/junk'
>>>
More information about the Python-list
mailing list