Author: skrah
Recipients: Arfrever, Ramchandra Apte, asvetlov, gpolo, mark.dickinson, pitrou, skrah, terry.reedy, zach.ware
Date: 2012-11-02.12:50:54
SpamBayes Score: -1.0
Marked as misclassified: Yes
Message-id: <20121102125055.GA19876@sleipnir.bytereef.org>
In-reply-to: <CAExgZOjYuQ=W=pCakbz75fbWq=0Z6Pn5XbAHSmgEtXhixWKPFg@mail.gmail.com>

Content:
Ramchandra Apte <report@bugs.python.org> wrote:
> Almost nobody knows that when using tkinter, code in .Tk.py is executed.
> (readprofile is not even documented!)
> While in your example, it is quite easy to see that it will run .bashrc

The point of the example is that it's "game over" anyway once an attacker
has write privileges to a user's home directory.

"sudo bash" is certainly a more common operation than "sudo tkapp.py",
and users are not in the habit of auditing .bashrc each time they launch
a shell.

In fact, I'd probably be more likely to notice a new file ".Tk.py" than
a small modification to my .bashrc.

That said, I absolutely agree that *ideally* tkinter apps should not
execute code from a startup file, especially if the startup file is
*not* in the user's home directory.
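The two conditions the exchange turns on are (a) a tkinter profile file such as ".Tk.py" sitting in the user's home directory, where Tk.readprofile() will exec() it at startup, and (b) someone other than the user being able to write there. The following audit script is an added example, not code from this tracker thread or from CPython: it assumes readprofile()'s lookup rule (files named .<className>.py/.tcl and .<baseName>.py/.tcl directly under $HOME, with className defaulting to "Tk" and baseName taken from the script name), builds a constructed home directory with a planted .Tk.py, and reports which profile files are present, whether any is owned by someone else, and whether the home directory is group- or world-writable. Function names (profile_candidates, audit_home, demo) are the example's own.

```python
"""Audit a home directory for tkinter profile files that Tk.readprofile()
would execute at startup, and for the write access that lets others plant them.

Added example for illustration; not code from the tracker or from CPython.
Assumes readprofile()'s lookup rule: .<className>.py/.tcl and
.<baseName>.py/.tcl directly under $HOME, className defaulting to "Tk".
"""
import os
import stat
import tempfile


def profile_candidates(home, base_name, class_name="Tk"):
    """Return the four startup files readprofile() would look for under home."""
    names = [f".{class_name}.tcl", f".{class_name}.py",
             f".{base_name}.tcl", f".{base_name}.py"]
    return [os.path.join(home, n) for n in names]


def audit_home(home, base_name, class_name="Tk"):
    """Report startup files found under home and whether home is shared-writable.

    Returns a dict:
      present     -> existing profile files that a Tk() call would execute
      foreign     -> those files not owned by the owner of the home directory
      home_shared -> True when group or other hold write permission on home,
                     i.e. the "game over" precondition discussed above
    """
    home_st = os.stat(home)
    home_shared = bool(home_st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))
    present, foreign = [], []
    for path in profile_candidates(home, base_name, class_name):
        if os.path.isfile(path):
            present.append(path)
            if os.stat(path).st_uid != home_st.st_uid:
                foreign.append(path)
    return {"present": present, "foreign": foreign, "home_shared": home_shared}


def demo():
    """Audit a constructed home directory with a planted .Tk.py, twice:
    once with owner-only write access, once after making it world-writable."""
    with tempfile.TemporaryDirectory() as home:
        os.chmod(home, 0o755)                  # normal case: only the owner writes
        planted = os.path.join(home, ".Tk.py")  # constructed sample profile file
        with open(planted, "w") as f:
            f.write("# constructed sample; Tk() would exec() this file\n")
        clean = audit_home(home, "tkapp")
        os.chmod(home, 0o777)                  # shared-writable home directory
        shared = audit_home(home, "tkapp")
        os.chmod(home, 0o700)                  # restore before cleanup
    return clean, shared


if __name__ == "__main__":
    for label, report in zip(("owner-only home", "world-writable home"), demo()):
        print(label)
        for k, v in report.items():
            print(f"  {k}: {v}")
```

Running it prints one .Tk.py hit in both passes; only the second pass flags home_shared, which is the distinction the message draws: the profile file is just the payload, and the writable home directory is the actual problem. Checking the candidate list against the real Tk() arguments (className and the script's basename) is what a practitioner would add to a startup self-check or a hardening script.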
History:
Date | User | Action | Args
2012-11-02 12:50:55 | skrah | set | recipients: + skrah, terry.reedy, mark.dickinson, pitrou, gpolo, Arfrever, asvetlov, Ramchandra Apte, zach.ware
2012-11-02 12:50:55 | skrah | link | issue16248 messages
2012-11-02 12:50:54 | skrah | create |