classification
Title: ctypes fails to import with grsecurity's TPE
Type: behavior
Stage: resolved
Components: ctypes
Versions: Python 3.5
process
Status: closed
Resolution: fixed
Dependencies: (none)
Superseder: (none)
Assigned To: (nobody)
Nosy List: E. Castedo Ellerman, Glandos, petr.viktorin
Priority: normal
Keywords: patch

Created on 2016-10-13 12:12 by Glandos, last changed 2021-02-18 16:08 by petr.viktorin. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 5155 closed bananu7, 2018-01-11 11:26
Messages (3)
msg278567 - (view) Author: (Glandos) Date: 2016-10-13 12:12
When using a grsecurity kernel with TPE enabled, the following happens with an untrusted user:

Python 3.5.2+ (default, Sep 22 2016, 12:18:14) 
[GCC 6.2.0 20160914] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from ctypes import CDLL
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python3.5/ctypes/__init__.py", line 537, in <module>
    _reset_cache()
  File "/usr/lib/python3.5/ctypes/__init__.py", line 276, in _reset_cache
    CFUNCTYPE(c_int)(lambda: None)
MemoryError

And grsecurity complains:

oct. 13 13:52:27 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /tmp/#38928416 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000
oct. 13 13:52:27 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /var/tmp/#15073678 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000
oct. 13 13:52:27 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /dev/shm/#4422450 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000
oct. 13 13:52:27 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /dev/shm/#4422452 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000
oct. 13 13:52:29 belette64 kernel: grsec: From XX.XX.XX.XX: denied untrusted exec (due to not being in trusted group and file in world-writable directory) of /dev/shm/#4425509 by /usr/bin/python3.5[python3:19125] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/fish[fish:17716] uid/euid:1000/1000 gid/egid:1000/1000

However, even if the solution should be to put the user in the trusted group, it seems that the involved call is just a workaround for Win64 platforms.
The program I used uses ctypes through the xattr package, which never uses CFUNCTYPE. Is it possible to wrap this "fake call" in a try block?
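The traceback above comes from a CFUNCTYPE instance being built at import time: creating one makes libffi allocate an executable trampoline, and a kernel policy that refuses executable mappings for the process (grsecurity's TPE for an untrusted user, a strict W^X policy, an execmem denial) surfaces as MemoryError. The script below is an added example, not code from CPython or from this report; it assumes a Python where `import ctypes` itself no longer performs that probe (the fix referenced later in this thread) and a host that allows the test process executable memory. The function names are illustrative. It isolates the probe the reporter wants wrapped, calls a callback through its raw address so the trampoline actually executes, and shows a plain CDLL call of the kind the xattr package makes, which needs no closure and keeps working where callbacks are denied.

```python
"""Probe whether ctypes callbacks (libffi closures) can be created and run.

Added example, not CPython's or the xattr package's code. Function names
are illustrative. Assumes Python 3.8+ (where importing ctypes no longer
builds a callback) on a host that allows this process executable memory.
"""
import ctypes
import ctypes.util


def callbacks_available():
    """Return True if a ctypes callback can be created on this host.

    The probe is the same shape as the `CFUNCTYPE(c_int)(lambda: None)`
    line in the traceback above. MemoryError is what ctypes raises when
    libffi cannot obtain writable+executable memory for the closure.
    """
    try:
        ctypes.CFUNCTYPE(ctypes.c_int)(lambda: 0)
    except MemoryError:
        return False
    return True


def call_through_pointer(value):
    """Create a callback and invoke it through its raw address.

    Calling via the address (rather than the Python object) forces
    execution of the libffi trampoline, the memory that a TPE/W^X
    policy would refuse to map executable. Returns None instead of
    raising when callbacks are unavailable.
    """
    proto = ctypes.CFUNCTYPE(ctypes.c_int, ctypes.c_int)
    try:
        cb = proto(lambda x: x * 2)
    except MemoryError:
        return None
    addr = ctypes.cast(cb, ctypes.c_void_p).value
    fn = proto(addr)  # function pointer rebuilt from the closure address
    return fn(value)  # cb stays referenced until the call returns


def strlen_without_callbacks(s):
    """Plain CDLL use that needs no executable memory: libc strlen.

    This is the style of call a package like xattr makes; no closure is
    built, so it works even where callbacks_available() is False.
    """
    libc = ctypes.CDLL(ctypes.util.find_library("c") or None)
    libc.strlen.restype = ctypes.c_size_t
    libc.strlen.argtypes = [ctypes.c_char_p]
    return libc.strlen(s.encode())


if __name__ == "__main__":
    print("callbacks available:", callbacks_available())
    print("callback via pointer(21):", call_through_pointer(21))
    print("strlen('hello'):", strlen_without_callbacks("hello"))
```

On a TPE-restricted host the first two functions report False and None while the third still returns a length; a program can run the probe once and avoid any code path that builds callbacks, rather than dying at import.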
msg362883 - (view) Author: E. Castedo Ellerman (E. Castedo Ellerman) Date: 2020-02-28 15:47
This is now fixed in Python 3.8. See https://bugs.python.org/issue35523
msg387242 - (view) Author: Petr Viktorin (petr.viktorin) * (Python committer) Date: 2021-02-18 16:08
Glandos, thank you for the report and fix, and apologies that it wasn't seen by the right set of eyes.
History
Date                 User                  Action  Args
2021-02-18 16:08:55  petr.viktorin         set     status: open -> closed; nosy: + petr.viktorin; messages: + msg387242; resolution: fixed; stage: patch review -> resolved
2020-02-28 15:47:16  E. Castedo Ellerman   set     nosy: + E. Castedo Ellerman; messages: + msg362883
2018-01-11 11:26:57  bananu7               set     keywords: + patch; stage: patch review; pull_requests: + pull_request5010
2016-10-13 12:12:18  Glandos               create