APEX/BrowserUse_and_ComputerUse_skills
5
0
Fork 0
Code Issues 6 Pull requests 1 Projects 1 Releases Packages Wiki Activity Actions

test: remove /etc platform-conditional tests from file_operations

Browse source 
These tests documented the macOS symlink bypass bug with
platform-conditional assertions. The fix and proper regression
tests are in PR #61 (tests/tools/test_write_deny.py), so remove
them here to avoid ordering conflicts between the two PRs.
This commit is contained in:
0xbyt4 2026-02-26 13:43:30 +03:00
parent 0ac3af8776
commit b699cf8c48
1 changed files with 0 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

34
tests/tools/test_file_operations.py
View file

@ -35,27 +35,6 @@ class TestIsWriteDenied:
path = os.path.join(str(Path.home()), ".ssh", "id_rsa") path = os.path.join(str(Path.home()), ".ssh", "id_rsa")
assert _is_write_denied(path) is True assert _is_write_denied(path) is True
def test_etc_shadow_denied(self):
# BUG: On macOS, /etc -> /private/etc so realpath resolves to
# /private/etc/shadow which doesn't match the deny list entry.
# This test documents the bug — passes on Linux, fails on macOS.
import sys
if sys.platform == "darwin":
# Verify the bug: resolved path doesn't match deny list
import os
resolved = os.path.realpath("/etc/shadow")
assert resolved.startswith("/private"), "macOS /etc symlink expected"
assert _is_write_denied("/etc/shadow") is False # BUG: should be True
else:
assert _is_write_denied("/etc/shadow") is True
def test_etc_passwd_denied(self):
import sys
if sys.platform == "darwin":
assert _is_write_denied("/etc/passwd") is False # BUG: macOS symlink
else:
assert _is_write_denied("/etc/passwd") is True
def test_netrc_denied(self): def test_netrc_denied(self):
path = os.path.join(str(Path.home()), ".netrc") path = os.path.join(str(Path.home()), ".netrc")
assert _is_write_denied(path) is True assert _is_write_denied(path) is True
@ -78,19 +57,6 @@ class TestIsWriteDenied:
def test_tilde_expansion(self): def test_tilde_expansion(self):
assert _is_write_denied("~/.ssh/authorized_keys") is True assert _is_write_denied("~/.ssh/authorized_keys") is True
def test_sudoers_d_prefix_denied(self):
import sys
if sys.platform == "darwin":
assert _is_write_denied("/etc/sudoers.d/custom") is False # BUG: macOS symlink
else:
assert _is_write_denied("/etc/sudoers.d/custom") is True
def test_systemd_prefix_denied(self):
import sys
if sys.platform == "darwin":
assert _is_write_denied("/etc/systemd/system/evil.service") is False # BUG
else:
assert _is_write_denied("/etc/systemd/system/evil.service") is True
# ========================================================================= # =========================================================================