Avocado is a set of tools and libraries to help with automated testing. One can call it a test framework with benefits. Native tests are written in Python and they follow the unittest pattern, but any executable can serve as a test.
Is your feature request related to a problem? Please describe.
In issue #5945 and related PR #5946 we have discovered that os.access is not that robust as we thought and can provide false resolutions in specific environment.
Here is more information related to this topic provided by @eeslook:
Note I/O operations may fail even when access() indicates that they would succeed, particularly for operations on network filesystems which may have permissions semantics beyond the usual POSIX permission-bit model.
access() checks whether the calling process can access the file pathname. If pathname is a symbolic link, it is dereferenced.
The check is done using the calling process's real UID and GID, rather than the effective IDs as is done when actually attempting an operation (e.g., open(2)) on the file.
This allows set-user-ID programs and capability-endowed programs to easily determine the invoking user's authority. In other words, access() does not answer the "can I read/write/execute this file?" question. It answers a slightly different question:"(assuming I'm a setuid binary) can the user who invoked me read/write/execute this file?", which gives set-user-ID programs the possibility to prevent malicious users from causing them to read files which users shouldn't be able to read.
If the calling process is privileged (i.e., its real UID is zero), then an X_OK check is successful for a regular file if execute permission is enabled for any of the file owner, group, or other.
This document discusses many best practices for secure programming, including avoiding the use of access() for permission checks to prevent race conditions and privilege escalation attacks.
Describe the solution you'd like
Because we use os.access in the crucial part of avocado, we need to make sure that it is stable and secure. Let's create a utility based on the solution from #5946 which can replace occurrences of os.access from Avocado code.
Is your feature request related to a problem? Please describe. In issue #5945 and related PR #5946 we have discovered that
os.access
is not that robust as we thought and can provide false resolutions in specific environment.Here is more information related to this topic provided by @eeslook:
Python Official Documentation:
Security Considerations in Python Official Documentation:
os.access
:Linux Manual Pages:
access(2) - Linux manual page
Secure Programming Practices:
access()
for permission checks to prevent race conditions and privilege escalation attacks.Describe the solution you'd like Because we use
os.access
in the crucial part of avocado, we need to make sure that it is stable and secure. Let's create a utility based on the solution from #5946 which can replace occurrences ofos.access
from Avocado code.