def test_fromfile(self):
fd = os.open("/dev/null", os.O_RDONLY)
fp = open("/dev/null")
self.assertEqual(cap._cffi.buffer(cap.Rights(fd)._rights),
cap._cffi.buffer(cap.right.ALL._rights))
cap.Rights(fp)
self.assertEqual(cap.Fcntls(fd)._flags, cap.fcntl.ALL)
cap.Fcntls(fp)
self.assertIs(cap.Ioctls(fd)._ioctls, None)
cap.Ioctls(fp)
def test_openat(self):
fd = os.open("/dev", os.O_RDONLY)
cap.enter()
self.assertTrue(cap.sandboxed())
rightset = {
cap.READ, # to allow the openat(O_RDONLY)
cap.LOOKUP, # Also for openat()
cap.FSTAT, # Used by Python os.fdopen(), although non-fatal if
# denied. Attempts the syscall twice if denied,
# though.
cap.FCNTL, # Used by Python os.fdopen() for F_GETFL. Fatal if
# denied.
}
cap.limit(fd, cap.Rights(rightset))
# Since we permit fcntl(), restrict the set of valid fcntls.
cap.fcntls_limit(fd, cap.Fcntls({cap.fcntl.GETFL}))
# Ordinary open is not permitted in sandbox mode:
with self.assertRaises(EnvironmentError) as cm:
open("/dev/null")
self.assertEqual(cm.exception.errno, cap.ECAPMODE)
# But with at least the privileges granted above, we can openat() and
# read() from a file-like object:
f = cap.openat(fd, "null", os.O_RDONLY)
f.readlines()
def test_fcntls_limit_trivial(self):
fd = os.open("/dev/null", os.O_RDONLY)
cap.fcntls_limit(fd, cap.Fcntls([cap.fcntl.ALL]))
cap.enter()
self.assertTrue(cap.sandboxed())
# No-op, just verify no exception is raised.
flags = py_fcntl.fcntl(fd, py_fcntl.F_GETFL)
py_fcntl.fcntl(fd, py_fcntl.F_SETFL, flags)
# Restrict to no fcntl rights and except NOTCAPABLE.
cap.fcntls_limit(fd, cap.Fcntls())
with self.assertRaises(EnvironmentError) as cm:
py_fcntl.fcntl(fd, py_fcntl.F_GETFL)
self.assertEqual(cm.exception.errno, cap.ENOTCAPABLE)
def test_limits_ebadf(self):
with self.assertRaises(EnvironmentError) as cm:
cap.limit(-1, cap.right.NONE)
self.assertEqual(cm.exception.errno, errno.EBADF)
with self.assertRaises(EnvironmentError) as cm:
cap.fcntls_limit(-1, cap.Fcntls([]))
self.assertEqual(cm.exception.errno, errno.EBADF)
with self.assertRaises(EnvironmentError) as cm:
cap.ioctls_limit(-1, cap.Ioctls([]))
self.assertEqual(cm.exception.errno, errno.EBADF)
def test_fromfile_ebadf(self):
with self.assertRaises(EnvironmentError) as cm:
cap.Rights(-1)
self.assertEqual(cm.exception.errno, errno.EBADF)
with self.assertRaises(EnvironmentError) as cm:
cap.Fcntls(-1)
self.assertEqual(cm.exception.errno, errno.EBADF)
with self.assertRaises(EnvironmentError) as cm:
cap.Ioctls(-1)
self.assertEqual(cm.exception.errno, errno.EBADF)
def test_copy_ctors(self):
cap.Rights(cap.Rights())
cap.Fcntls(cap.Fcntls())
cap.Ioctls(cap.Ioctls())
def test_fcntls_negative(self):
# By definition zero is not a valid flag bit.
with self.assertRaises(ValueError):
cap.Fcntls([0])
with self.assertRaises(AttributeError):
cap.fcntl.DoesNotExist
def test_fcntls_obj(self):
cap.Fcntls()
cap.Fcntls({cap.fcntl.GETFL})
cap.Fcntls({cap.fcntl.GETFL}) # test the cache behavior
cap.Fcntls([cap.fcntl.SETFL, cap.fcntl.SETOWN])