➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2016-10-13 12:12 by Glandos, last changed 2022-04-11 14:58 by admin. This issue is now closed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 5155 | closed | bananu7, 2018-01-11 11:26 | |
| Messages (3) | |||
|---|---|---|---|
| msg278567 - (view) | Author: (Glandos) | Date: 2016-10-13 12:12 | |
When using a grsecurity kernel with TPE enabled, the following happens with an untrusted user: Python 3.5.2+ (default, Sep 22 2016, 12:18:14) [GCC 6.2.0 20160914] on linux Type "help", "copyright", "credits" or "license" for more information. >>> from ctypes import CDLL Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python3.5/ctypes/__init__.py", line 537, in <module> _reset_cache() File "/usr/lib/python3.5/ctypes/__init__.py", line 276, in _reset_cache CFUNCTYPE(c_int)(lambda: None) MemoryError And grsecurity complains: oct. 13 13:52:27 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /tmp/#38928416 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000 oct. 13 13:52:27 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /var/tmp/#15073678 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000 oct. 13 13:52:27 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /dev/shm/#4422450 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000 oct. 13 13:52:27 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /dev/shm/#4422452 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000 oct. 13 13:52:29 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /dev/shm/#4425509 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000 However, even if the solution should be to put the user in the trusted group, it seems that the involved call is just a workaround for Win64 platforms. The program I used is using ctypes through the xattr package, which never used CFUNCTYPE. Is it possible to wrap this "fake call" into a try block? |
|||
| msg362883 - (view) | Author: E. Castedo Ellerman (E. Castedo Ellerman) | Date: 2020-02-28 15:47 | |
This is now fixed in Python 3.8. See https://bugs.python.org/issue35523 |
|||
| msg387242 - (view) | Author: Petr Viktorin (petr.viktorin) *  |
Date: 2021-02-18 16:08 | |
Glandos, thank you for the report and fix, and apologies that it wasn't seen by the right set of eyes. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:58:38 | admin | set | github: 72615 |
| 2021-02-18 16:08:55 | petr.viktorin | set | status: open -> closed nosy: + petr.viktorin messages: + msg387242 resolution: fixed stage: patch review -> resolved |
| 2020-02-28 15:47:16 | E. Castedo Ellerman | set | nosy:
+ E. Castedo Ellerman messages: + msg362883 |
| 2018-01-11 11:26:57 | bananu7 | set | keywords:
+ patch stage: patch review pull_requests: + pull_request5010 |
| 2016-10-13 12:12:18 | Glandos | create | |