Can I limit write access of a program to a certain directory in osx? Also set maximum size of the directory and memory allocated

I am writing code with python that might run wild and do unexpected things. These might include trying to save very large arrays to disk and trying to allocate huge amounts of memory for arrays (more than is physically available on the system).

I want to run the code in a constrained environment in Mac OSX 10.7.5 with the following rules:

  • The program can write files to one specific directory and no others (i.e. it cannot modify files outside this directory, but it's OK to read files from outside)
  • The directory has a maximum "capacity" so the program cannot save gigabytes worth of data
  • Program can allocate only a finite amount of memory

Does anyone have any ideas on how to set up such a controlled environment?

Thanks.

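import os

TOOBIG = 100 * 1024 * 1024  # size limit in bytes (example value, pick your own)

stats = os.stat('possibly_big_file.txt')

# st_size is the size of the file in bytes
if stats.st_size > TOOBIG:
    print("Oh no.....")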

A simple and naive solution, that can be expanded to achieve what you want:

import os

WRITABLE_DIRECTORY = '/full/path/to/writable/directory'


class MaxSizeFile(object):
    """Wraps a file object and refuses writes beyond max_bytes."""
    def __init__(self, fobj, max_bytes=float('+inf')):
        self._fobj = fobj
        self._max = max_bytes
        self._cur = 0
    def write(self, data):
        # should take into account file position...
        if self._cur + len(data) > self._max:
            raise IOError('The file is too big!')
        self._fobj.write(data)
        self._cur += len(data)
    def __getattr__(self, attr):
        # everything else (read, close, ...) is delegated to the real file
        return getattr(self._fobj, attr)


def my_open(filename, mode='r', max_size=float('+inf'), **kwargs):
    # kwargs: any further arguments to pass through to the built-in open()
    # 'a' also writes, so it is checked along with 'w' and '+'
    if '+' in mode or 'w' in mode or 'a' in mode:
        if os.path.dirname(filename) != WRITABLE_DIRECTORY:
            raise OSError('Cannot write outside the writable directory.')
    return MaxSizeFile(open(filename, mode, **kwargs), max_size)

Then, instead of using the built-in open, you call my_open. The same can be done for the arrays. Instead of allocating the arrays directly, you call a function that keeps track of how much memory has been allocated and eventually raises an exception.

Obviously this gives only really light constraints, but if the program wasn't written with the goal of causing problems it should be enough.
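
The `os.path.dirname` comparison in `my_open` looks at the path as typed, so a symlink inside the writable directory can still lead a write outside it, and neither answer covers the directory-capacity rule from the question. The following is an added example for Python 3, not code from either answer, that resolves the path before comparing and checks the directory's total size on every write; `guarded_open`, `QuotaFile` and `dir_usage` are names assumed here.

```python
import os


def dir_usage(root):
    """Bytes used by regular files under root (symlinks are not followed)."""
    total = 0
    for base, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(base, name)
            if not os.path.islink(path):
                total += os.path.getsize(path)
    return total


class QuotaFile(object):
    """File wrapper that refuses writes pushing root past capacity bytes."""

    def __init__(self, fobj, root, capacity):
        self._fobj, self._root, self._capacity = fobj, root, capacity

    def write(self, data):
        self._fobj.flush()  # make earlier buffered writes count in dir_usage()
        # len(data) is characters in text mode, so the check is approximate there
        if dir_usage(self._root) + len(data) > self._capacity:
            raise IOError('The writable directory is full!')
        return self._fobj.write(data)

    def __getattr__(self, attr):
        return getattr(self._fobj, attr)

    def __enter__(self):
        return self

    def __exit__(self, *exc):
        self._fobj.close()


def guarded_open(filename, root, mode='r', capacity=float('inf')):
    """open() that allows writes only to paths that resolve inside root."""
    root = os.path.realpath(root)
    if any(flag in mode for flag in 'wax+'):
        # realpath() collapses '..' and symlinks before the comparison;
        # commonpath() compares whole components, so /data2 is not inside /data
        target = os.path.realpath(filename)
        if os.path.commonpath([root, target]) != root:
            raise OSError('Cannot write outside the writable directory.')
    return QuotaFile(open(filename, mode), root, capacity)
```

The path check and the `open()` call are separate steps, so this is still a light constraint in the sense of the answer above, not one enforced by the operating system.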
