classification
Title: popen / popen[234] inconsistent fd behavior
Type: security Stage:
Components: Library (Lib) Versions:
process
Status: closed Resolution: out of date
Dependencies: Superseder:
Assigned To: Nosy List: amaury.forgeotdarc, justincappos
Priority: normal Keywords:

Created on 2008-06-19 19:18 by justincappos, last changed 2008-06-19 19:32 by amaury.forgeotdarc. This issue is now closed.

Messages (2)
msg68416 - (view) Author: Justin Cappos (justincappos) Date: 2008-06-19 19:18
The behavior of popen vs popen[2-4] differs with respect to open file
descriptors (at least on the Linux implementation of popen).   popen
does not close file descriptors, thus processes retain open file
descriptors from their parent.   This is likely not desirable for
security and stability reasons.   

If this isn't fixed, at a minimum it would be a good thing to document.


Here is an example that demonstrates the issue:

<<< start of open_and_popen.py>>>
# This will not be printed if popen closes file descriptors

import os
myfd = os.open("open_and_popen.py",os.O_RDONLY)

readfo = os.popen("python print_from_fd.py "+str(myfd),"r")

print "os.popen results in:"
print readfo.read()
# it will print the first line of the file here
readfo.close()


(junkinfo, readfo) = os.popen2("python print_from_fd.py "+str(myfd),"r")
junkinfo.close()

print "os.popen2 results in:"
print readfo.read()
# the child got an error, so this is just the error text
readfo.close()

os.close(myfd)
<<< end of open_and_popen.py>>>


<<< start of print_from_fd.py>>>
import os
import sys
print os.read(int(sys.argv[1]),60)
<<< end of print_from_fd.py>>>
msg68418 - (view) Author: Amaury Forgeot d'Arc (amaury.forgeotdarc) * (Python committer) Date: 2008-06-19 19:32
This is so true that these functions are now documented as deprecated:
http://docs.python.org/dev/library/os.html#os.popen2

Please use the subprocess.Popen class instead, which gives a much better
interface to processes.
History
Date User Action Args
2008-06-19 19:32:30amaury.forgeotdarcsetstatus: open -> closed
resolution: out of date
messages: + msg68418
nosy: + amaury.forgeotdarc
2008-06-19 19:18:27justincapposcreate