
Allow python application to create and access files for any user, but not the users to access the files directly

I am developing an application in Python, and I'm struggling with file permissions.

My application is creating, accessing and modifying several files using the shelve and logging modules.

This application will be on a server, and will be used by several users belonging to different groups.

My problem is that the files are marked as owned by the user who launched the application for the first time, thus creating the files, and after that, when another user launches the application he does not have the needed rights to access the files, and the application crashes.

I could modify the permissions to allow all users to access and modify the files, but this wouldn't be really satisfying.

I found that using setuid I maybe could allow the application to access the files when launched by any user, but not allow the users to directly modify the files. This would be exactly what I need.

However, I couldn't find a way to modify the umask or the rights of the files created by shelve and logging modules.

I think that maybe for the files accessed by shelve I can use os.umask to create the files before I access them, but it seems that wouldn't work for the files created by logging because I'm using a rotating file handler that might create files whenever the log files are full.

What would be the more pythonic way to handle that?

Edit:

As asked in the comments, here is a simple snippet of code that replicates my problem.

#!/usr/bin/env python2.7
import logging

logger = logging.getLogger('test_logger')
logger.setLevel(logging.DEBUG)

fh = logging.FileHandler('logfile.log')
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
fh.setFormatter(formatter)
logger.addHandler(fh)

logger.info('Test')

Now if user A launches the application, a log file is created. If user B then launches the application, I have an error because he doesn't have the rights to access the log file.

The error is IOError : Permission denied [...]/logfile.log

EDIT 2

Some additional information:

I do not have root access on the system where my application is, so creating a user for the sole use of my application seems not possible.

The application will be rarely used, and by a small number of persons, thus I am for now assuming they won't access it at the same time.

I don't need authentication and authorizations in the application. It should work exactly the same way for any user.

I think that, as suggested by goncalopp, creating a user and running the application as that user would be the best solution, but I am afraid that won't be possible. I'm going to have to ask the sysadmin.
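An added example, not part of the original question or its answers: one way to control the permissions of the files a rotating handler creates is to override the handler's `_open()` method, which runs for the first file and again after each rollover. It is written for Python 3; the class name, the `file_mode` parameter and the sizes are assumptions of this example, and mode `0o660` only widens access to the file's group rather than hiding the files from users.

```python
import logging
import logging.handlers
import os


class SharedRotatingFileHandler(logging.handlers.RotatingFileHandler):
    """RotatingFileHandler that gives every file it creates an explicit mode.

    The class name and the file_mode parameter are assumptions of this example.
    """

    def __init__(self, filename, file_mode=0o660, **kwargs):
        # Must be set first: FileHandler.__init__ calls _open() unless delay=True.
        self.file_mode = file_mode
        super().__init__(filename, **kwargs)

    def _open(self):
        # Called for the first log file and again after every rollover.
        flags = os.O_WRONLY | os.O_APPEND
        try:
            # O_EXCL tells us whether this process created the file.
            fd = os.open(self.baseFilename, flags | os.O_CREAT | os.O_EXCL,
                         self.file_mode)
            # The umask may have cleared bits; as owner we can restore them.
            os.fchmod(fd, self.file_mode)
        except FileExistsError:
            # Created by an earlier run, possibly by another user: only the
            # owner may chmod it, so open it with the mode it already has.
            fd = os.open(self.baseFilename, flags)
        return os.fdopen(fd, self.mode, encoding=self.encoding,
                         errors=getattr(self, "errors", None))


def make_logger(path, name="test_logger"):
    """Logger like the question's snippet, with rotation (sizes are sample values)."""
    logger = logging.getLogger(name)
    logger.setLevel(logging.DEBUG)
    handler = SharedRotatingFileHandler(path, file_mode=0o660,
                                        maxBytes=1024, backupCount=3)
    handler.setFormatter(logging.Formatter(
        "%(asctime)s - %(name)s - %(levelname)s - %(message)s"))
    logger.addHandler(handler)
    return logger
```

Rollover renames the log files, so the directory that holds them must also be writable by every account that runs the application.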

It's not clear in your question what should happen if several users run the application at the same time. You'll have several processes writing to the same files simultaneously, unless you have an explicit lockfile, or some other synchronization mechanism.

Assuming you have synchronization solved, setuid may not be the best solution here. As Python is an interpreted language, it's particularly difficult to set up, and the usual security considerations apply.

The usual unix solution to this kind of problem is to have your program run as a particular system user, which is created for that sole purpose. The program could either run as a daemon or in a cronjob. Using this method, if you need user interaction, you'll then have to explicitly expose operations to the users in your program, and have authentication and authorization mechanisms.

For interaction, you could, for example, use (unix or plain) sockets or watched/pool directories, depending on the nature of your program. For authentication,

Of course, all this means extra development work, which you may not be able to do at this point. A workaround could be allowing passwordless sudo to a specific user and command.

You could try using the webbrowser api to open a file,

It doesn't need permissions
