我正在编写一些检查可执行映射的代码。通过 /proc/$PID/map_files,Linux 提供了指向支持内存映射的文件的符号链接。
我的代码在这些符号链接之一(对应于主可执行文件)上调用“stat()”,不幸的是“权限被拒绝”。
我可以使用常规命令行工具重现此内容:
thomasdullien@debian-laptop:~$ stat /proc/1518/map_files/400000-514000
File: /proc/1518/map_files/400000-514000 -> /tmp/go-build362981811/b001/hashcache.test
Size: 64 Blocks: 0 IO Block: 1024 symbolic link
Device: 4h/4d Inode: 4248433 Links: 1
Access: (0400/lr--------) Uid: ( 1000/thomasdullien) Gid: ( 1000/thomasdullien)
Access: 2020-05-23 10:03:58.510445910 +0200
Modify: 2020-05-23 10:03:58.510445910 +0200
Change: 2020-05-23 10:03:58.510445910 +0200
Birth: -
thomasdullien@debian-laptop:~$ stat -L /proc/1518/map_files/400000-514000
stat: cannot stat '/proc/1518/map_files/400000-514000': Operation not permitted
thomasdullien@debian-laptop:~$ stat /tmp/go-build362981811/b001/hashcache.test
File: /tmp/go-build362981811/b001/hashcache.test
Size: 2543616 Blocks: 4968 IO Block: 4096 regular file
Device: fd01h/64769d Inode: 41425437 Links: 1
Access: (0755/-rwxr-xr-x) Uid: ( 1000/thomasdullien) Gid: ( 1000/thomasdullien)
Access: 2020-05-23 10:03:58.482452052 +0200
Modify: 2020-05-23 10:03:58.478452928 +0200
Change: 2020-05-23 10:03:58.478452928 +0200
Birth: -
所以我可以 lstat 原始符号链接,我可以统计目标文件,但符号链接上的常规统计失败。我猜问题与手册页的以下部分有关:
No permissions are required on the file itself, but—in the case of stat(),
fstatat(), and lstat()—execute (search) permission is required on all of the
directories in pathname that lead to the file.
似乎 /proc/$PID/map_files/ 本身不是 +x,因此该进程没有权限统计这些符号链接中的任何一个?
是这样吗?有谁能解释一下为什么要这样设置权限?
有没有办法让进程将这些符号链接设置为非根?