IOError - cannot create file (linux daemon-invoked script)
Nobody
nobody at nowhere.com
Tue Jan 5 13:58:23 EST 2010
On Mon, 04 Jan 2010 21:30:31 -0800, cassiope wrote:
> One more tidbit observed: my last note, that it works when using
> seteuid/setegid?
> Well - that only applies if the daemon is running under strace (!).
> It fails
> if started directly by root, or if the strace session has ended,
> leaving the
> main body of the daemon running in its normal headless manner.
>
> I wonder if running under "strace -f" - might setegid/seteuid be
> prevented from
> having their normal effect?
Possibly. The ptrace() syscall on which strace depends will fail if you
try to trace a "privileged" process and you aren't root, so it's possible
that a ptrace()d process will refuse to become privileged.
Here, "privileged" includes a process which has changed any of its UIDs or
GIDs (this prevents a normal user from tracing, killing, etc an otherwise
privileged process which has switched to the user's UID for the time being).
More information about the Python-list
mailing list