Issue 12856: tempfile PRNG reuse between parent and child process

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/57065

classification

Title:	tempfile PRNG reuse between parent and child process
Type:	behavior	Stage:	resolved
Components:	Library (Lib)	Versions:	Python 3.2, Python 3.3, Python 2.7

process

Status:	closed	Resolution:	fixed
Dependencies:		Superseder:
Assigned To:		Nosy List:	ferringb, ncoghlan, neologix, pitrou, python-dev
Priority:	normal	Keywords:	patch

Created on 2011-08-30 00:31 by ferringb, last changed 2022-04-11 14:57 by admin. This issue is now closed.

Files
File name	Uploaded	Description	Edit
unique-seed-per-process-tempfile.patch	ferringb, 2011-08-30 00:33	ensure PRNG is unique between parent/child	review
unique-seed-per-process-tempfile.patch	ferringb, 2011-08-30 02:07	round two; run only if os.fork exists, protect against changes in random value's size	review

Messages (7)
msg143192 - (view)	Author: Ferringb (ferringb) *	Date: 2011-08-30 00:31
Roughly; tempfile's uniqueness is derived from a global random instance; while there are protections for thread access, a forked child process /will/ inherit that PRNG source, resulting in children/parent trying the same set of names. Mostly it's proving annoying in some code I have to deal in, although it wouldn't surprise me if someone watching a known temp location could use the predictability in some fashion. As for affect, all versions of python have this; attached patch is cut against trunk.
msg143193 - (view)	Author: Ferringb (ferringb) *	Date: 2011-08-30 00:33
Bleh; pardon, reuploading the patch. hg export aparently appends to the output file rather than overwriting it (last patch had duplicated content in it).
msg143195 - (view)	Author: Antoine Pitrou (pitrou) *	Date: 2011-08-30 01:11
Interesting, thank you. Two nits: - the test must be skipped where os.fork() isn't available (namely, under Windows) - I would do os.read(fd, 100) (or some other large value) rather than os.read(fd, 6), so that the test doesn't depend on the exact length of the random sequences produced
msg143196 - (view)	Author: Ferringb (ferringb) *	Date: 2011-08-30 02:07
> the test must be skipped where os.fork() isn't available (namely, under Windows) Done, although I still humbly suggest telling windows to bugger off ;) > I would do os.read(fd, 100) (or some other large value) rather than os.read(fd, 6), so that the test doesn't depend on the exact length of the random sequences produced 100 is no different than 6 (same potential exists); better to just use the length from the parent side access to the PRNG. That leaves open the unlikely scenario of child returning 7 chars, parent 6, and child/parent agreeing on the first 6... which would very likely be a bug anyways.
msg147078 - (view)	Author: Charles-François Natali (neologix) *	Date: 2011-11-05 10:45
The patch looks good to me. Note that the whole kill(pid, SIGKILL) looks overkill to me...
msg148358 - (view)	Author: Roundup Robot (python-dev)	Date: 2011-11-25 20:38
New changeset 3c9ddd93c983 by Antoine Pitrou in branch '3.2': Issue #12856: Ensure child processes do not inherit the parent's random seed for filename generation in the tempfile module. http://hg.python.org/cpython/rev/3c9ddd93c983 New changeset 588087429809 by Antoine Pitrou in branch 'default': Issue #12856: Ensure child processes do not inherit the parent's random seed for filename generation in the tempfile module. http://hg.python.org/cpython/rev/588087429809 New changeset e42be90eb9c5 by Antoine Pitrou in branch '2.7': Issue #12856: Ensure child processes do not inherit the parent's random seed for filename generation in the tempfile module. http://hg.python.org/cpython/rev/e42be90eb9c5
msg148359 - (view)	Author: Antoine Pitrou (pitrou) *	Date: 2011-11-25 20:39
Patch committed, thank you!

History
Date	User	Action	Args
2022-04-11 14:57:21	admin	set	github: 57065
2011-11-25 20:39:51	pitrou	set	status: open -> closed resolution: fixed messages: + msg148359 stage: patch review -> resolved
2011-11-25 20:38:20	python-dev	set	nosy: + python-dev messages: + msg148358
2011-11-05 10:45:46	neologix	set	nosy: + neologix messages: + msg147078
2011-08-30 02:07:47	ferringb	set	files: + unique-seed-per-process-tempfile.patch messages: + msg143196
2011-08-30 01:11:31	pitrou	set	versions: + Python 2.7, Python 3.2, Python 3.3 nosy: + ncoghlan, pitrou messages: + msg143195 components: + Library (Lib) stage: patch review
2011-08-30 00:34:52	ferringb	set	files: - unique-seed-per-process-tempfile.patch
2011-08-30 00:33:36	ferringb	set	files: + unique-seed-per-process-tempfile.patch messages: + msg143193
2011-08-30 00:31:52	ferringb	create