classification
Title: os._execvpe security fix
Type: Stage:
Components: Extension Modules Versions: Python 2.3
process
Status: closed Resolution: accepted
Dependencies: Superseder:
Assigned To: gvanrossum Nosy List: gvanrossum, zackw (2)
Priority: normal Keywords patch

Created on 2002-08-02 18:21 by zackw, last changed 2002-08-08 20:19 by gvanrossum.

Files
File name Uploaded Description Edit Remove
D zackw, 2002-08-02 18:21
Messages (3)
msg40775 - (view) Author: Zack Weinberg (zackw) Date: 2002-08-02 18:21 
1) Do not attempt to exec a file which does not exist
just to find out what error the operating system
returns.  This is an exploitable race on all platforms
that support symbolic links.

2) Immediately re-raise the exception if we get an
error other than errno.ENOENT or errno.ENOTDIR.  This
may need to be adapted for other platforms.

(As a security issue, this should be considered for 2.1
and 2.2 as well as 2.3.)
msg40776 - (view) Author: Guido van Rossum (gvanrossum) Date: 2002-08-05 16:14 
Logged In: YES 
user_id=6380

OK, checked in for 2.3. Keeping this open until I find the
time to backport it to 2.2 and 2.1 (or someone else does that).
msg40777 - (view) Author: Guido van Rossum (gvanrossum) Date: 2002-08-08 20:19 
Logged In: YES 
user_id=6380

All backported.

(Note that as a side effect of this patch, changes to
Modules/Setup[.dist] had to be made and backported to
compile the errno module statically, because the patch
introduces a dependency on it to distutils and hence to the
setup.py script.)
History
Date User Action Args
2002-08-02 18:21:37zackwcreate