[英]nodejs process.setgid, process.setuid behavior with fs module
目錄:
drwxrwxr-x 2 alex alex 4096 Aug 3 12:03 ./
drwxr-xr-x 17 alex alex 4096 Aug 3 11:18 ../
-rwx------ 1 root root 19 Aug 3 11:24 privilegedStuff*
-rwxrwx--- 1 root root 28 Aug 3 12:10 privilegedStuff1*
-rwxrwxr-x 1 alex alex 830 Aug 3 12:12 test.js*
測試.js:
#!/usr/bin/env node
var fs = require('fs');
console.log(' user id: ', process.getuid());
console.log(' group id: ', process.getgid());
console.log(' user effective id: ', process.getegid());
console.log('group effective id: ', process.getegid());
console.log('\n switching user and group...\n');
process.setgid(1000);
process.setegid(1000);
process.setuid(1000);
process.seteuid(1000);
console.log(' user id: ', process.getuid());
console.log(' group id: ', process.getgid());
console.log(' user effective id: ', process.getegid());
console.log('group effective id: ', process.getegid());
console.log('\n output: \n');
console.log(fs.readFileSync('./privilegedStuff1', 'utf8'))
// this throws error as expected so I commented that
// console.log(fs.readFileSync('./privilegedStuff', 'utf8'))
特權材料1:
content of privilegedStuff1
結果:
alex@hp:/apps/test$ sudo ./test.js
user id: 0
group id: 0
user effective id: 0
group effective id: 0
switching user and group...
user id: 1000
group id: 1000
user effective id: 1000
group effective id: 1000
output:
content of privilegedStuff1
所以我不明白的是為什么 node 不會拋出錯誤,因為它很好地處理了 privilegedStuff 文件? 我錯過了什么?
alex@hp:/apps/test$ groups
alex adm cdrom sudo dip plugdev lpadmin sambashare
alex@hp:/apps/test$ cat privilegedStuff1
cat: privilegedStuff1: Permission denied
alex@hp:/apps/test$ sudo -s
root@hp:/apps/test# groups
root
在我的測試中,我沒有這樣的問題。
您能否輸入以下命令並顯示結果:
ls -l privilegedStuff1
id
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.