[issue32347] System Integrity Protection breaks shutil.copystat()
Ryan Govostes
report at bugs.python.org
Sat Dec 16 11:45:01 EST 2017
New submission from Ryan Govostes <rgovostes+python at gmail.com>:
On macOS, shutil.copystat() uses chflags() to try to copy filesystem flags from the source to destination.
In recent years, Apple introduced System Integrity Protection, which prevents modification of system files. These files have the non-standard SF_RESTRICTED flag set, which only the superuser can set.
Thus, unprivileged users can no longer use shutil.copy2() et al. to copy system files, which is a regression from previous releases of the OS.
It's unclear what the correct behavior should be: It some cases, it would be desirable to attempt to copy the bit.
It might be informative to look at the behavior of Apple's `copyfile_stat` function, which unsets these two flags:
/*
* File flags that are not preserved when copying stat information.
*/
#define COPYFILE_OMIT_FLAGS (UF_TRACKED | SF_RESTRICTED)
https://opensource.apple.com/source/copyfile/copyfile-146/copyfile.c.auto.html
This was also filed to Apple as rdar://36090921
----------
components: macOS
messages: 308479
nosy: Ryan Govostes, ned.deily, ronaldoussoren
priority: normal
severity: normal
status: open
title: System Integrity Protection breaks shutil.copystat()
type: behavior
versions: Python 3.6
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue32347>
_______________________________________
More information about the Python-bugs-list
mailing list