Opened 13 years ago

Closed 13 years ago

Last modified 10 years ago

#10 closed defect (invalid)

ftputil does not work properly within directories with limited permissions

Reported by: Valeriy Pogrebitskiy (vpogrebi@… Owned by: schwa
Priority: major Milestone: never
Component: Library Version:
Keywords: ftputil, DIR, ls, permission, access, PermanentError Cc:

Description

Majority of FTP servers (at least, within financial industry) are configured in such a way that user LOGIN directory and HOME directory are not the same. On many servers, LOGIN directory is a root (/) directory where user privileges are restricted. For example, 'ls' and 'dir' commands produce exceptions. Often, the ONLY command available to user in / directory is 'cd' - to let user step into a folder within his/her own HOME directory.

When this is the case, attempts to use 'ftputil' package to execute DIR, LS, GET, PUT, etc. statement while being "phisically" in the directory with restricted access - results in "\ftputil.ftp_error.PermanentError?: 550 Permission denied" exceptions.

Temporary solution for this - is to execute (in code) explicit CHDIR command to "step" into the directory with sufficient user privileges - before any other commands are executed.

When FTPUTIL ('ftphost') executes any of directory (or file) access procedures (listdir(), isdir(), etc.) - it actually steps into that directory, and steps back after operation is done. In the situation described above (insufficient privileges within directory before the function call) - it fails to step back, resulting in the situation that current working directory BEFORE and AFTER the call are different.

Here is an example to show this:

ftp.connect(server, user, passwd) ftp.host.getcwd()

'/'

ftp.host.path.isdir('/hedgefunds/dbmasters/inbound')

Traceback (most recent call last):

File "<stdin>", line 1, in ? File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_path.py", line 113, in isdir

stat_result = self._host.stat(

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftputil.py", line 611, in stat

return self._stat.stat(path, _exception_for_missing_path)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_stat.py", line 197, in stat

lstat_result = self.lstat(path, _exception_for_missing_path)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_stat.py", line 156, in lstat

lines = self._host_dir(dirname)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_stat.py", line 105, in _host_dir

return self._host._dir(path)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftputil.py", line 601, in _dir

self.chdir(old_dir)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftputil.py", line 526, in chdir

ftp_error._try_with_oserror(self._session.cwd, path)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_error.py", line 77, in _try_with_oserror

raise PermanentError?(obj)

ftputil.ftp_error.PermanentError?: 550 Permission denied.

ftp.host.getcwd()

'/hedgefunds'

Change History (6)

comment:1 Changed 13 years ago by Valeriy Pogrebitskiy (vpogrebi@…

Majority of FTP servers (at least, within financial industry) are configured in such a way that user LOGIN directory and HOME directory are not the same. On many servers, LOGIN directory is a root (/) directory where user privileges are restricted. For example, 'ls' and 'dir' commands produce exceptions. Often, the ONLY command available to user in / directory is 'cd' - to let user step into a folder within his/her own HOME directory.

When this is the case, attempts to use 'ftputil' package to execute DIR, LS, GET, PUT, etc. statement while being "phisically" in the directory with restricted access - results in "ftputil.ftp_error.PermanentError: 550 Permission denied" exceptions.

Temporary solution for this - is to execute (in code) explicit CHDIR command to "step" into the directory with sufficient user privileges - before any other commands are executed.

When FTPUTIL ('ftphost') executes any of directory (or file) access procedures (listdir(), isdir(), etc.) - it actually steps into that directory, and steps back after operation is done. In the situation described above (insufficient privileges within directory before the function call) - it fails to step back, resulting in the situation that current working directory BEFORE and AFTER the call are different.

Here is an example to show this:

ftp.connect(server, user, passwd) >>> ftp.host.getcwd() '/' >>> ftp.host.path.isdir('/hedgefunds/dbmasters/inbound') Traceback (most recent call last):

File "<stdin>", line 1, in ? File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_path.py", line 113, in isdir

stat_result = self._host.stat(

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftputil.py", line 611, in stat

return self._stat.stat(path, _exception_for_missing_path)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_stat.py", line 197, in stat

lstat_result = self.lstat(path, _exception_for_missing_path)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_stat.py", line 156, in lstat

lines = self._host_dir(dirname)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_stat.py", line 105, in _host_dir

return self._host._dir(path)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftputil.py", line 601, in _dir

self.chdir(old_dir)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftputil.py", line 526, in chdir

ftp_error._try_with_oserror(self._session.cwd, path)

File "/usr/project/arena/prods/python/2.2.1/lib/python2.2/site-packages/ftputil/ftp_error.py", line 77, in _try_with_oserror

raise PermanentError?(obj) ftputil.ftp_error.PermanentError: 550 Permission denied. >>> ftp.host.getcwd() '/hedgefunds'

comment:2 Changed 13 years ago by schwa

Status: newassigned

comment:3 Changed 13 years ago by schwa

Keywords: ftputil ls permission access added; FTPUTIL LS PERMISSION ACCESS removed

comment:4 Changed 13 years ago by schwa

Milestone: 2.1
Summary: FTPUTIL does not work properly within directories with limited permissionsftputil does not work properly within directories with limited permissions

I think what you describe are two issues:

  1. you get PermanentErrors if you call listdir etc. in an inaccessible login directory
  2. ftputil changes the directory to process a stat call for another directory - and fails to change back into the original directory because of insufficient permission

Regarding 1: I think that ftputil's behavior here is completely correct. Calling e. g. listdir on an unreadable directory IMHO should raise a PermanentError. Moreover, "automagically" changing into some other directory would probably be confusing for ftputil users.

Regarding 2: I can't set up my local FTP server to show the situation you describe. Could you please test if the problem still exists for a recent ftputil version? Possibly, the issue you describe was fixed with changeset:412?

comment:5 Changed 13 years ago by schwa

Resolution: invalid
Status: assignedclosed

comment:6 Changed 10 years ago by schwa

Milestone: never
Note: See TracTickets for help on using tickets.