classification
Title: Additional PEP578 hooks
Type: enhancement Stage: patch review
Components: Versions: Python 3.9, Python 3.8
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: christian.heimes, matrixise, miss-islington, steve.dower
Priority: normal Keywords: patch

Created on 2019-06-21 15:42 by steve.dower, last changed 2019-09-12 13:21 by matrixise.

Pull Requests
URL Status Linked Edit
PR 14301 merged steve.dower, 2019-06-21 23:13
PR 14345 merged miss-islington, 2019-06-24 15:43
PR 14524 merged steve.dower, 2019-07-01 17:34
PR 14536 merged miss-islington, 2019-07-01 23:04
PR 14663 merged christian.heimes, 2019-07-09 10:32
PR 16046 merged miss-islington, 2019-09-12 13:13
Messages (12)
msg346229 - (view) Author: Steve Dower (steve.dower) * (Python committer) Date: 2019-06-21 15:42
We should also (see whether we should) add audit hooks for the following modules:
* configparser
* crypt
* ensurepip
* ftplib
* glob
* http
* imaplib
* nntplib
* pdb
* poplib
* runpy
* shutil
* smtpd
* smtplib
* socketserver
* sqlite3
* telnetlib
* webbrowser
* xmlrpc

All of these seem likely to have interesting events (specifically, they can all be misused in scenarios where the impact would not be obvious without extra information).
msg346301 - (view) Author: Steve Dower (steve.dower) * (Python committer) Date: 2019-06-22 21:35
PR 14301 has at least a few hooks for most of the modules above.

I think xmlrpc deserves some, but it is not as immediately obvious where to put them as for the other modules. smtpd also still needs looking at.
msg346367 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2019-06-24 10:47
I'll add hooks to ssl module for wrap_socket and wrap_bio.
msg346416 - (view) Author: Steve Dower (steve.dower) * (Python committer) Date: 2019-06-24 15:42
New changeset 60419a7e96577cf783b3b45bf3984f9fb0d7ddff by Steve Dower in branch 'master':
bpo-37363: Add audit events for a range of modules (GH-14301)
https://github.com/python/cpython/commit/60419a7e96577cf783b3b45bf3984f9fb0d7ddff
msg346418 - (view) Author: miss-islington (miss-islington) Date: 2019-06-24 16:09
New changeset 8763d43a9558b345af6a3a298afa18e7d3b42fd0 by Miss Islington (bot) in branch '3.8':
bpo-37363: Add audit events for a range of modules (GH-14301)
https://github.com/python/cpython/commit/8763d43a9558b345af6a3a298afa18e7d3b42fd0
msg346419 - (view) Author: Steve Dower (steve.dower) * (Python committer) Date: 2019-06-24 16:27
FWIW, I tried looking into how we can prevent or detect monkeypatching of "sys.audit", and the answer seems to be that we need to define a custom type for the sys module and for sys.__dict__.

I'm not prepared to do that yet, and IMHO there are enough way to detect someone patching it to nothing (all your logs disappear) or patching it more cleverly (someone ran some pretty complex code to redefine it) and events from native code can't be suppressed either, so I think it's fine. 

But I won't refuse a contribution if someone thinks this is a critical scenario (though I will push hard to make sure the implementation is solid, as I think this is pretty hard to get right).
msg347085 - (view) Author: Steve Dower (steve.dower) * (Python committer) Date: 2019-07-01 23:03
New changeset e226e83d36dfc7220d836fb7a249ce18e70cb4a6 by Steve Dower in branch 'master':
bpo-37363: Add audit events on startup for the run commands (GH-14524)
https://github.com/python/cpython/commit/e226e83d36dfc7220d836fb7a249ce18e70cb4a6
msg347088 - (view) Author: miss-islington (miss-islington) Date: 2019-07-01 23:22
New changeset 746992c1ae4c632220563d3fe54123498f93db1d by Miss Islington (bot) in branch '3.8':
bpo-37363: Add audit events on startup for the run commands (GH-14524)
https://github.com/python/cpython/commit/746992c1ae4c632220563d3fe54123498f93db1d
msg347093 - (view) Author: Steve Dower (steve.dower) * (Python committer) Date: 2019-07-01 23:43
All that's left here right now is some xmlrpc events, unless we can think of any more stdlib modules that should have them?
msg352154 - (view) Author: miss-islington (miss-islington) Date: 2019-09-12 13:13
New changeset ed4b3216e59df4806e5ef63b3357fc577a9443d7 by Miss Islington (bot) (Christian Heimes) in branch 'master':
bpo-37363: Document internal audit events (GH-14663)
https://github.com/python/cpython/commit/ed4b3216e59df4806e5ef63b3357fc577a9443d7
msg352156 - (view) Author: miss-islington (miss-islington) Date: 2019-09-12 13:20
New changeset 2f01cf61874aa42eeb9999e49d51d4881792d9c4 by Miss Islington (bot) in branch '3.8':
bpo-37363: Document internal audit events (GH-14663)
https://github.com/python/cpython/commit/2f01cf61874aa42eeb9999e49d51d4881792d9c4
msg352157 - (view) Author: Stéphane Wirtel (matrixise) * (Python committer) Date: 2019-09-12 13:21
@Christian, I have merged your PR for the audit events, but I have not closed this issue, I suppose there will be other PRs for this issue.
History
Date User Action Args
2019-09-12 13:21:38matrixisesetnosy: + matrixise
messages: + msg352157
2019-09-12 13:20:28miss-islingtonsetmessages: + msg352156
2019-09-12 13:13:16miss-islingtonsetpull_requests: + pull_request15668
2019-09-12 13:13:04miss-islingtonsetmessages: + msg352154
2019-07-09 10:32:43christian.heimessetpull_requests: + pull_request14471
2019-07-01 23:43:03steve.dowersetmessages: + msg347093
2019-07-01 23:22:32miss-islingtonsetmessages: + msg347088
2019-07-01 23:04:05miss-islingtonsetpull_requests: + pull_request14349
2019-07-01 23:03:58steve.dowersetmessages: + msg347085
2019-07-01 17:34:51steve.dowersetpull_requests: + pull_request14337
2019-06-24 16:27:43steve.dowersetmessages: + msg346419
2019-06-24 16:09:53miss-islingtonsetnosy: + miss-islington
messages: + msg346418
2019-06-24 15:43:08miss-islingtonsetpull_requests: + pull_request14165
2019-06-24 15:42:59steve.dowersetmessages: + msg346416
2019-06-24 10:47:34christian.heimessetmessages: + msg346367
2019-06-22 21:35:27steve.dowersetmessages: + msg346301
2019-06-21 23:13:06steve.dowersetkeywords: + patch
stage: needs patch -> patch review
pull_requests: + pull_request14125
2019-06-21 15:42:29steve.dowercreate