メモ。chroot試してみないとなーと思っててね。
# Terminal session (Python 2 script): tests.py chroot()s into its own directory while
# running as root, then drops to user tokibito and shows that the root-only data.dat
# (mode 0600, root:root) can no longer be opened.
# NOTE(review): chroot() does not change the working directory and the script never calls
# os.chdir('/'); getcwd() prints '/' below only because the script was started from the
# directory that becomes the new root.
# NOTE(review): there is no os.setgroups() call before setgid()/setuid(), so supplementary
# groups inherited from the sudo parent presumably stay attached to the process - confirm.
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ ls -l
合計 8
-rw------- 1 root root 9 2009-09-03 01:43 data.dat
-rw-r--r-- 1 tokibito tokibito 374 2009-09-03 01:47 tests.py
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ cat tests.py
import os
from pwd import getpwnam

root = os.path.dirname(os.path.abspath(__file__))  # directory holding tests.py; becomes the new root
user = 'tokibito'  # unprivileged account to drop to

st = getpwnam(user)  # looked up before chroot(); the new root holds only data.dat and tests.py
print st
os.chroot(root)  # refused with EPERM when run as tokibito, succeeds under sudo (see runs below)
print os.getcwd()  # '/' in the sudo run
print os.path.dirname(os.path.abspath(__file__))  # also '/' once resolved inside the new root

f = open('data.dat')  # still uid 0 here, so the 0600 root-owned file is readable
print f.read()
f.close()

print 'changeuser'
os.setgid(st.pw_gid)  # group is changed first, while the process is still root
os.setuid(st.pw_uid)  # then the uid (1000 in the output below)

f = open('data.dat')  # same file after the drop: fails with EACCES in the sudo run
print f.read()
f.close()
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ sudo cat data.dat
hogehoge
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ python tests.py
pwd.struct_passwd(pw_name='tokibito', pw_passwd='x', pw_uid=1000, pw_gid=1000, pw_gecos=',,,', pw_dir='/home/tokibito', pw_shell='/bin/bash')
Traceback (most recent call last):
  File "tests.py", line 9, in <module>
    os.chroot(root)
OSError: [Errno 1] Operation not permitted: '/home/tokibito/projects/chroottest'
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ sudo python tests.py
pwd.struct_passwd(pw_name='tokibito', pw_passwd='x', pw_uid=1000, pw_gid=1000, pw_gecos=',,,', pw_dir='/home/tokibito', pw_shell='/bin/bash')
/
/
hogehoge
changeuser
Traceback (most recent call last):
  File "tests.py", line 21, in <module>
    f = open('data.dat')
IOError: [Errno 13] Permission denied: 'data.dat'