classification
Title: PEP 433: Use the new cloexec to improve security and avoid bugs
Type: Stage:
Components: Library (Lib) Versions: Python 3.4
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: haypo, neologix
Priority: normal Keywords: patch

Created on 2013-01-29 13:09 by haypo, last changed 2013-01-29 13:24 by haypo.

Files
File name Uploaded Description Edit
cloexec_fs_walk.patch haypo, 2013-01-29 13:09
cloexec_listening_socket.patch haypo, 2013-01-29 13:09
cloexec_log_file.patch haypo, 2013-01-29 13:09
cloexec_misc.patch haypo, 2013-01-29 13:09
cloexec_subprocess.patch haypo, 2013-01-29 13:09
Messages (1)
msg180905 - (view) Author: STINNER Victor (haypo) * (Python committer) Date: 2013-01-29 13:09 
Attached patches use the new cloexec parameter added by the PEP 433 (see issue #17036).

cloexec_fs_walk.patch: [security] don't leak a file descriptors of directories to a child processes
cloexec_listening_socket.patch: [security] don't leak a listening socket to child processes, see also #12107
cloexec_log_file.patch: [security] don't leak the file descriptor of a log file to child processes
cloexec_subprocess.patch: [security/bugs] don't leak file descriptors to child processes
cloexec_misc.patch: misc mmodules

"security" is a strong word: if subprocess is called with close_fds=True, there is no such problem at all. It's more a theorical problem if a process is created in another thread without using the subprocess module (but directly low level functions).
History
Date User Action Args
2013-01-29 13:24:40hayposettitle: Use the new cloexec to improve security and avoid bugs -> PEP 433: Use the new cloexec to improve security and avoid bugs
2013-01-29 13:09:43hayposetfiles: + cloexec_subprocess.patch
2013-01-29 13:09:36hayposetfiles: + cloexec_misc.patch
2013-01-29 13:09:29hayposetfiles: + cloexec_log_file.patch
2013-01-29 13:09:23hayposetfiles: + cloexec_listening_socket.patch
2013-01-29 13:09:17haypocreate