I'm trying to use subprocess to call user programs. Right now I'm trying to use `subprocess.Popen` with `preexec_fn` calling `os.setuid` and `os.chroot` to sandbox the user code, but I'm running into permission issues. `Operation not permitted`. I saw some code samples do similar things but for some reason I'm running into issues.

patty
- Code needs to be running as a privileged user to invoke those calls; thus, setuid can only be used to _decrease_ privileges, not _increase_ them. If your code is in fact running as root already, check its capability set -- dropping capabilities is often used to reduce the potential damage a subverted process can do if it's running as root. – Charles Duffy Feb 22 '22 at 00:28
- In general, a good place to start here is the manual for the underlying syscalls or C library functions; typically that documentation will list the failure modes that lead to each error. – Charles Duffy Feb 22 '22 at 00:31
- (another possibility is syscall filters or security layers like SELinux, which can restrict the range of actions a process is allowed to take; there are enough possible ways a system can be configured to disallow these calls it's not really possible to provide a comprehensive list) – Charles Duffy Feb 22 '22 at 00:32
- Anyhow -- if you want to refine the question, a good place to start would be to show enough code, and enough details about the reproduction environment, to let someone else reproduce the problem so answers can be tested. – Charles Duffy Feb 22 '22 at 00:35
- @Johnsyweb, are you sure this is a duplicate? I'm not using my own dupehammer to reopen it right now because I think it runs afoul of other criteria for topicality (lacking a [mre] or other details needed sufficient to allow tested answers), but the OP states that they _are_ using `subprocess.Popen`, and that the problems they're having relate to sandboxing the called process via a calling same with a `preexec_fn` callback that drops privileges; that's not exactly consistent with being a duplicate of a "don't know what `subprocess.Popen` is" beginner question. – Charles Duffy Feb 22 '22 at 02:23
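
An added example, not part of the original question or comments: a sketch of the privilege drop the question describes, with a pre-flight check of the parent's effective capability set as the first comment suggests. The names `missing_caps`, `make_preexec` and `run_sandboxed` and the sample status text are constructed for illustration; the check covers capabilities only, not seccomp or SELinux denials.

```python
import os
import subprocess

# Linux capability bit numbers (from <linux/capability.h>).
NEEDED = {"CAP_SETGID": 6, "CAP_SETUID": 7, "CAP_SYS_CHROOT": 18}


def missing_caps(status_text):
    """Return the capabilities from NEEDED that are absent from the CapEff
    line of a /proc/<pid>/status dump; each missing one means EPERM."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            eff = int(line.split()[1], 16)
            return sorted(n for n, bit in NEEDED.items() if not (eff >> bit) & 1)
    raise ValueError("no CapEff line found")


def make_preexec(jail, uid, gid):
    """Build a preexec_fn that drops privileges in an order that works."""
    def drop():
        os.chroot(jail)    # needs CAP_SYS_CHROOT, so do it while privileged
        os.chdir("/")      # otherwise the cwd still points outside the jail
        os.setgroups([])   # clear supplementary groups (needs CAP_SETGID)
        os.setgid(gid)     # group first: not possible once the uid is dropped
        os.setuid(uid)     # last: a root process gives up its capabilities here
    return drop


def run_sandboxed(argv, jail, uid, gid):
    """Fail early with a clear message instead of a bare EPERM in the child."""
    with open("/proc/self/status") as f:
        missing = missing_caps(f.read())
    if missing:
        raise PermissionError("parent lacks " + ", ".join(missing))
    # argv[0] is resolved after chroot, so it must exist inside the jail.
    return subprocess.run(argv, preexec_fn=make_preexec(jail, uid, gid), timeout=10)


# Constructed sample: a process holding only CAP_SETGID and CAP_SETUID.
SAMPLE_STATUS = "Name:\tpython3\nCapEff:\t00000000000000c0\n"

if __name__ == "__main__":
    print(missing_caps(SAMPLE_STATUS))
```
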