Author gregory.p.smith
Recipients christian.heimes, gregory.p.smith
Date 2017-03-02.20:28:54
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <CAGE7PN+o3+-f4MkCkcv2KaZgnB=f-w5Dik26=aBOMXJyNdJnXw@mail.gmail.com>
In-reply-to <1488484520.79.0.651519274164.issue29700@psf.upfronthosting.co.za>
Content
It doesn't seem very abusable... Though of a server accepts enough remote
connections and uses input() and swaps out stdin after remote uses up fds
with connections...  That's a lot of circumstances at once. Rare
application.

We ran into it with an interactive program controlling a bunch of things so
it had lots of fds open when a tty stdin was swapped in for input.

On Thu, Mar 2, 2017, 11:55 AM Christian Heimes <report@bugs.python.org>
wrote:

>
> Christian Heimes added the comment:
>
> Do you see a chance that the issue could be abused? IMO an attacker can't
> control FD number easily.
>
> ----------
> nosy: +christian.heimes
>
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue29700>
> _______________________________________
>
History
Date User Action Args
2017-03-02 20:28:54gregory.p.smithsetrecipients: + gregory.p.smith, christian.heimes
2017-03-02 20:28:54gregory.p.smithlinkissue29700 messages
2017-03-02 20:28:54gregory.p.smithcreate