in reply to Re^6: perl file status and sudo
in thread perl file status and sudo

sudo is used to give people the right to run a specific command as a different user -- it doesn't control the rights inside some other program. (Given that you're in "security", I would assume you knew this).
As Security, I am allowed to see anything, but change nothing
If you're allowed to "see anything", why do you think you need special permission to see if a file exists? Do you know what "anything" means? Perhaps you use a different meaning that the rest of the world?
and so as my standard user, am told files do not exist that really do.
Are you sure noone is trying to pull you a leg? "Files that do not exist that really do" sound like a prank -- like what they try to pull on newbies in a woodshop: sending them on an errand to get a square hole drill.

Replies are listed 'Best First'.
Re^8: perl file status and sudo
by Anonymous Monk on Mar 22, 2012 at 21:07 UTC

    I think he means situations where he is denied read access to a directory:

    $ echo $EUID
1000

$ ls -ld /var/log/apache2
drwxr-x--- 2 root adm 12288 Mar 18 06:25 /var/log/apache2
$ ls -l /var/log/apache2
ls: cannot open directory /var/log/apache2: Permission denied
$ perl -E 'say ((-e q-/var/log/apache2/access.log-) ? "exists" : "not 
+exists: $!")'
not exists: Permission denied

# echo $EUID
0
# perl -E 'say ((-e q-/var/log/apache2/access.log-) ? "exists" : "not 
+exists: $!")'
exists

    [download]

    He probably just should examine $!

[reply]
[d/l]
[select]
      I cannot think of a situation where you have "read access to anything", but don't have read access to a directory. Anyway, if he needs read access to a directory, ACLs can be used. As I pointed out in my first reply.
[reply]

        Viewing a directory listing requires read permission on the directory, but entering the directory and viewing the files inside it requires execute permission on the directory. He could be talking about something like that, where he has read permission for everything but can't see some files because he doesn't have execute permission on all directories. That's not real security, and it wouldn't make a lot of sense, but not much about this situation seems to.

        Aaron B.
        My Woefully Neglected Blog, where I occasionally mention Perl.

[reply]

In Section Seekers of Perl Wisdom