This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: racecondition
Type: security Stage: resolved
Components: Build Versions: Python 2.7
Status: closed Resolution: not a bug
Dependencies: Superseder:
Assigned To: Nosy List: Dhiraj_Mishra, methane
Priority: normal Keywords:

Created on 2018-07-24 14:31 by Dhiraj_Mishra, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Messages (2)
msg322305 - (view) Author: Dhiraj (Dhiraj_Mishra) * Date: 2018-07-24 14:31
File: /cpython/blob/master/Modules/posixmodule.c#L2657

        result = access(path->narrow, mode);
    return_value = !result;

If an attacker could change anything along the path between the call `access()` and the files actually used, it may exploit the race condition or a time-of-check, time-of-use race condition
msg322334 - (view) Author: Inada Naoki (methane) * (Python committer) Date: 2018-07-25 00:12
It is already documented.  What's point of this issue?
Date User Action Args
2022-04-11 14:59:03adminsetgithub: 78390
2018-07-27 09:44:13methanesetstatus: open -> closed
resolution: not a bug
stage: resolved
2018-07-25 00:12:49methanesetnosy: + methane
messages: + msg322334
2018-07-24 14:31:37Dhiraj_Mishracreate