Message 150833 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	hynek
Recipients	hynek, neologix, pitrou, rosslagerwall, tarek
Date	2012-01-08.00:14:02
SpamBayes Score	3.8540847e-07
Marked as misclassified	No
Message-id	<1325981643.51.0.923790442233.issue13734@psf.upfronthosting.co.za>
In-reply-to

Content
This is an offspring of #4489 (which is a security bug). The method is AFAIU intended to be private. As shown in the discussion of the mentioned #4489, there is a whole family of attacks that exploit the time window between gathering path names and executing a function on them. A general description of this problem can be found in: https://www.securecoding.cert.org/confluence/display/seccode/POS35-C.+Avoid+race+conditions+while+checking+for+the+existence+of+a+symbolic+link While the consequences in rmtree() are probably most dramatic, other recursive functions could benefit too (chmodtree() and chowntree() were mentioned) so Charles-François suggested to write a "generic walker method that would take as argument the methods to call on a directory and on a file (or link)". Some (probably) necessary helper functions has been already implemented in #4761 (*at()) and #10755 (fdlistdir()). Has there already been done any work? Ross mentioned he wanted to take a stab?

This is an offspring of #4489 (which is a security bug). The method is AFAIU intended to be private. 

As shown in the discussion of the mentioned #4489, there is a whole family of attacks that exploit the time window between gathering path names and executing a function on them. A general description of this problem can be found in: https://www.securecoding.cert.org/confluence/display/seccode/POS35-C.+Avoid+race+conditions+while+checking+for+the+existence+of+a+symbolic+link

While the consequences in rmtree() are probably most dramatic, other recursive functions could benefit too (chmodtree() and chowntree() were mentioned) so Charles-François suggested to write a "generic walker method that would take as argument the methods to call on a directory and on a file (or link)".

Some (probably) necessary helper functions has been already implemented in #4761 (*at()) and #10755 (fdlistdir()).

Has there already been done any work? Ross mentioned he wanted to take a stab?

History
Date	User	Action	Args
2012-01-08 00:14:03	hynek	set	recipients: + hynek, pitrou, tarek, neologix, rosslagerwall
2012-01-08 00:14:03	hynek	set	messageid: <1325981643.51.0.923790442233.issue13734@psf.upfronthosting.co.za>
2012-01-08 00:14:02	hynek	link	issue13734 messages
2012-01-08 00:14:02	hynek	create