def test_with_guid(self, initgroups, setuid, setgid, parse_gid, parse_uid): parse_uid.return_value = 5001 parse_gid.return_value = 50001 maybe_drop_privileges(uid="user", gid="group") parse_uid.assert_called_with("user") parse_gid.assert_called_with("group") setgid.assert_called_with(50001) initgroups.assert_called_with(5001, 50001) setuid.assert_called_with(5001)
def test_setegid(self, _setegid, _getegid, parse_gid): parse_gid.return_value = 50001 _getegid.return_value = 50001 setegid("group") parse_gid.assert_called_with("group") self.assertFalse(_setegid.called) _getegid.return_value = 1 setegid("group") _setegid.assert_called_with(50001)
def test_with_guid(self, initgroups, setuid, setgid, parse_gid, parse_uid): parse_uid.return_value = 5001 parse_gid.return_value = 50001 maybe_drop_privileges(uid="user", gid="group") parse_uid.assert_called_with("user") parse_gid.assert_called_with("group") setgid.assert_called_with(50001) initgroups.assert_called_with(5001, 50001) setuid.assert_called_with(5001)
def test_setegid(self, _setegid, _getegid, parse_gid): parse_gid.return_value = 50001 _getegid.return_value = 50001 setegid('group') parse_gid.assert_called_with('group') self.assertFalse(_setegid.called) _getegid.return_value = 1 setegid('group') _setegid.assert_called_with(50001)
def test_with_guid(self, initgroups, setuid, setgid, parse_gid, parse_uid): def raise_on_second_call(*args, **kwargs): setuid.side_effect = OSError() setuid.side_effect.errno = errno.EPERM setuid.side_effect = raise_on_second_call parse_uid.return_value = 5001 parse_gid.return_value = 50001 maybe_drop_privileges(uid='user', gid='group') parse_uid.assert_called_with('user') parse_gid.assert_called_with('group') setgid.assert_called_with(50001) initgroups.assert_called_with(5001, 50001) setuid.assert_has_calls([call(5001), call(0)]) setuid.side_effect = None with pytest.raises(SecurityError): maybe_drop_privileges(uid='user', gid='group') setuid.side_effect = OSError() setuid.side_effect.errno = errno.EINVAL with pytest.raises(OSError): maybe_drop_privileges(uid='user', gid='group')
def test_with_guid(self, initgroups, setuid, setgid, parse_gid, parse_uid): def raise_on_second_call(*args, **kwargs): setuid.side_effect = OSError() setuid.side_effect.errno = errno.EPERM setuid.side_effect = raise_on_second_call parse_uid.return_value = 5001 parse_gid.return_value = 50001 maybe_drop_privileges(uid="user", gid="group") parse_uid.assert_called_with("user") parse_gid.assert_called_with("group") setgid.assert_called_with(50001) initgroups.assert_called_with(5001, 50001) setuid.assert_has_calls([call(5001), call(0)]) setuid.side_effect = None with self.assertRaises(RuntimeError): maybe_drop_privileges(uid="user", gid="group") setuid.side_effect = OSError() setuid.side_effect.errno = errno.EINVAL with self.assertRaises(OSError): maybe_drop_privileges(uid="user", gid="group")
def test_with_guid(self, initgroups, setuid, setgid, parse_gid, parse_uid): def raise_on_second_call(*args, **kwargs): setuid.side_effect = OSError() setuid.side_effect.errno = errno.EPERM setuid.side_effect = raise_on_second_call parse_uid.return_value = 5001 parse_gid.return_value = 50001 maybe_drop_privileges(uid='user', gid='group') parse_uid.assert_called_with('user') parse_gid.assert_called_with('group') setgid.assert_called_with(50001) initgroups.assert_called_with(5001, 50001) setuid.assert_has_calls([call(5001), call(0)]) setuid.side_effect = None with pytest.raises(SecurityError): maybe_drop_privileges(uid='user', gid='group') setuid.side_effect = OSError() setuid.side_effect.errno = errno.EINVAL with pytest.raises(OSError): maybe_drop_privileges(uid='user', gid='group')
def test_setgid(self, _setgid, parse_gid): parse_gid.return_value = 50001 setgid('group') parse_gid.assert_called_with('group') _setgid.assert_called_with(50001)
def test_only_gid(self, parse_gid, setgid, setuid): parse_gid.return_value = 50001 maybe_drop_privileges(gid='group') parse_gid.assert_called_with('group') setgid.assert_called_with(50001) setuid.assert_not_called()
def test_setgid(self, _setgid, parse_gid): parse_gid.return_value = 50001 setgid('group') parse_gid.assert_called_with('group') _setgid.assert_called_with(50001)
def test_only_gid(self, parse_gid, setgid, setuid): parse_gid.return_value = 50001 maybe_drop_privileges(gid='group') parse_gid.assert_called_with('group') setgid.assert_called_with(50001) self.assertFalse(setuid.called)
def test_only_gid(self, parse_gid, setgid, setuid): parse_gid.return_value = 50001 maybe_drop_privileges(gid="group") parse_gid.assert_called_with("group") setgid.assert_called_with(50001) self.assertFalse(setuid.called)