[英]nodejs process.setgid, process.setuid behavior with fs module
目录:
drwxrwxr-x 2 alex alex 4096 Aug 3 12:03 ./
drwxr-xr-x 17 alex alex 4096 Aug 3 11:18 ../
-rwx------ 1 root root 19 Aug 3 11:24 privilegedStuff*
-rwxrwx--- 1 root root 28 Aug 3 12:10 privilegedStuff1*
-rwxrwxr-x 1 alex alex 830 Aug 3 12:12 test.js*
测试.js:
#!/usr/bin/env node
var fs = require('fs');
console.log(' user id: ', process.getuid());
console.log(' group id: ', process.getgid());
console.log(' user effective id: ', process.getegid());
console.log('group effective id: ', process.getegid());
console.log('\n switching user and group...\n');
process.setgid(1000);
process.setegid(1000);
process.setuid(1000);
process.seteuid(1000);
console.log(' user id: ', process.getuid());
console.log(' group id: ', process.getgid());
console.log(' user effective id: ', process.getegid());
console.log('group effective id: ', process.getegid());
console.log('\n output: \n');
console.log(fs.readFileSync('./privilegedStuff1', 'utf8'))
// this throws error as expected so I commented that
// console.log(fs.readFileSync('./privilegedStuff', 'utf8'))
特权材料1:
content of privilegedStuff1
结果:
alex@hp:/apps/test$ sudo ./test.js
user id: 0
group id: 0
user effective id: 0
group effective id: 0
switching user and group...
user id: 1000
group id: 1000
user effective id: 1000
group effective id: 1000
output:
content of privilegedStuff1
所以我不明白的是为什么 node 不会抛出错误,因为它很好地处理了 privilegedStuff 文件? 我错过了什么?
alex@hp:/apps/test$ groups
alex adm cdrom sudo dip plugdev lpadmin sambashare
alex@hp:/apps/test$ cat privilegedStuff1
cat: privilegedStuff1: Permission denied
alex@hp:/apps/test$ sudo -s
root@hp:/apps/test# groups
root
在我的测试中,我没有这样的问题。
您能否输入以下命令并显示结果:
ls -l privilegedStuff1
id
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.