newbie os.stat question
Ben Hutchings
do-not-spam-ben.hutchings at businesswebsoftware.com
Fri Apr 4 11:47:41 EST 2003
In article <7h3vfxvjrxy.fsf at pc150.maths.bris.ac.uk>, Michael Hudson wrote:
> Ben Hutchings <do-not-spam-ben.hutchings at businesswebsoftware.com> writes:
>
>> In article <AV_ia.7382$4P1.570905 at newsread2.prod.itd.earthlink.net>,
>> Tipton Bandy wrote:
>> >
>> > I've got my first python utility working pretty good, but
>> > I just need help on one point.
>> >
>> > I need to test a filename and return true or false based on
>> > whether the file is readable and writable by the user running
>> > my utility. Oh, yes, this is on Linux:)
>
> [...]
>
>> os.access
>
> is almost never what you want, because it uses the real user id, not
> the effective user id.
<snip>
Well that's what you are most likely to want to check! But writing a
setuid program should be done with extreme caution and I wouldn't want
to try doing it in Python.
Anyone contemplating doing so should read /Advanced Programming in the
Unix Environment/ <http://www.kohala.com/start/apue.html> and /Setuid
Demystified/ <http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf>
(treat the latter as corrections for the former) and should use
misc/setuid-prog.c as a wrapper for the Python script.
More information about the Python-list
mailing list