[ python-Bugs-1117601 ] os.path.exists returns false negatives in MAC environments.
SourceForge.net
noreply at sourceforge.net
Tue May 31 09:09:55 CEST 2005
Bugs item #1117601, was opened at 2005-02-06 16:57
Message generated for change (Comment added) made by josiahcarlson
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1117601&group_id=5470
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Python Library
Group: Platform-specific
Status: Open
Resolution: None
Priority: 5
Submitted By: Stephen Bennett (sbennett)
Assigned to: Nobody/Anonymous (nobody)
Summary: os.path.exists returns false negatives in MAC environments.
Initial Comment:
In Mandatory Access Control environments (such as
SELinux), it's quite possible for stat to fail with
permission denied. In this case, os.path.exists will
return False incorrectly. The simple(ish) fix is to
check for an access denied error (which would indicate
present, but not readable) when using stat to check for
existence of files.
----------------------------------------------------------------------
Comment By: Josiah Carlson (josiahcarlson)
Date: 2005-05-31 00:09
Message:
Logged In: YES
user_id=341410
I believe Terry was curious about something like
os.path.exists("/etc/shadow/abc123") vs `ls -l
/etc/shadow/abc123`. If not, I know I am curious, and I
believe it may help with a corner case.
----------------------------------------------------------------------
Comment By: Stephen Bennett (sbennett)
Date: 2005-02-16 14:46
Message:
Logged In: YES
user_id=817465
As far as I know (at least for SELinux), permission denied
on stat() always means that the file exists, but getattr
isn't allowed. As for a reproducible test case, probably the
simplest example is a vanilla Fedora Core 3 system with
SELinux enabled and strict policy. From a regular user
account, call os.path.exists("/etc/shadow"). It will return
False even though the file exists. For comparison, an `ls -l
/etc/shadow` from the command line will simply print
'Permission Denied'.
----------------------------------------------------------------------
Comment By: Terry J. Reedy (tjreedy)
Date: 2005-02-16 12:26
Message:
Logged In: YES
user_id=593130
Does 'access denied' always mean 'present but not readable'
in every environment that gives such messages? I ask
because I have vague memories of wasting time trying to
get access to something that did not exist, because access
denied (or something like that) meant that I was denied
access even to info about whether it existed or not.
In any case, a reproducible example would help someone to
verify, fix, and write a test case for this if it is deemed to be
a fixable bug.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1117601&group_id=5470
More information about the Python-bugs-list
mailing list