PermissionError raised when fixing permissions on symlinks pointing to non-accessible file/directory
qkaiser opened this issue · 1 comments
qkaiser commented
If a filesystem holds a symlink pointing to a file located within a directory the process user has no access to, an unhandled PermissionError
exception will be raised and stop the extraction.
In the attached sample, the badlink
file points to /etc/ssl/private/ssl-cert-snakeoil.key
. This file can't be read due to permissions on /etc/ssl/private
:
ls -al /etc/ssl
total 52
drwxr-xr-x 4 root root 4096 feb 28 09:57 .
drwxr-xr-x 204 root root 12288 apr 10 14:11 ..
drwxr-xr-x 3 root root 16384 jun 8 2023 certs
-rw-r--r-- 1 root root 12419 feb 6 2023 openssl.cnf
drwx--x--- 2 root ssl-cert 4096 jun 8 2023 private
When calling .exists()
, pathlib follows the symlink and calls stat()
on the destination. Since the destination is in a directory that can't be read, the stat
call fails.
One solution would be to use the follow_symlinks attribute of exists()
, but it's only available since Python 3.12 so it's a no go.
Sample: sample.zip
Stack trace:
File "/home/quentin/.local/lib/python3.10/site-packages/unblob/extractor.py", line 102, in _fix_extracted_directory
fix_permission(path)
File "/home/quentin/.local/lib/python3.10/site-packages/unblob/extractor.py", line 26, in fix_permission
if not path.exists():
File "/usr/lib/python3.10/pathlib.py", line 1290, in exists
self.stat()