Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

popen / popen[234] inconsistent fd behavior #47394

Closed
justincappos mannequin opened this issue Jun 19, 2008 · 2 comments
Closed

popen / popen[234] inconsistent fd behavior #47394

justincappos mannequin opened this issue Jun 19, 2008 · 2 comments
Labels
stdlib Python modules in the Lib dir type-security A security issue

Comments

@justincappos
Copy link
Mannequin

justincappos mannequin commented Jun 19, 2008

BPO 3144
Nosy @amauryfa

Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

Show more details

GitHub fields:

assignee = None
closed_at = <Date 2008-06-19.19:32:30.538>
created_at = <Date 2008-06-19.19:18:27.812>
labels = ['type-security', 'library']
title = 'popen / popen[234] inconsistent fd behavior'
updated_at = <Date 2008-06-19.19:32:30.500>
user = 'https://bugs.python.org/justincappos'

bugs.python.org fields:

activity = <Date 2008-06-19.19:32:30.500>
actor = 'amaury.forgeotdarc'
assignee = 'none'
closed = True
closed_date = <Date 2008-06-19.19:32:30.538>
closer = 'amaury.forgeotdarc'
components = ['Library (Lib)']
creation = <Date 2008-06-19.19:18:27.812>
creator = 'justincappos'
dependencies = []
files = []
hgrepos = []
issue_num = 3144
keywords = []
message_count = 2.0
messages = ['68416', '68418']
nosy_count = 2.0
nosy_names = ['amaury.forgeotdarc', 'justincappos']
pr_nums = []
priority = 'normal'
resolution = 'out of date'
stage = None
status = 'closed'
superseder = None
type = 'security'
url = 'https://bugs.python.org/issue3144'
versions = []
@justincappos
Copy link
Mannequin Author

justincappos mannequin commented Jun 19, 2008

The behavior of popen vs popen[2-4] differs with respect to open file
descriptors (at least on the Linux implementation of popen). popen
does not close file descriptors, thus processes retain open file
descriptors from their parent. This is likely not desirable for
security and stability reasons.

If this isn't fixed, at a minimum it would be a good thing to document.

Here is an example that demonstrates the issue:

<<< start of open_and_popen.py>>>
# This will not be printed if popen closes file descriptors

import os
myfd = os.open("open_and_popen.py",os.O_RDONLY)

readfo = os.popen("python print_from_fd.py "+str(myfd),"r")

print "os.popen results in:"
print readfo.read()
# it will print the first line of the file here
readfo.close()

(junkinfo, readfo) = os.popen2("python print_from_fd.py "+str(myfd),"r")
junkinfo.close()

print "os.popen2 results in:"
print readfo.read()
# the child got an error, so this is just the error text
readfo.close()

os.close(myfd)
<<< end of open_and_popen.py>>>

<<< start of print_from_fd.py>>>
import os
import sys
print os.read(int(sys.argv[1]),60)
<<< end of print_from_fd.py>>>

@justincappos justincappos mannequin added stdlib Python modules in the Lib dir type-security A security issue labels Jun 19, 2008
@amauryfa
Copy link
Member

This is so true that these functions are now documented as deprecated:
http://docs.python.org/dev/library/os.html#os.popen2

Please use the subprocess.Popen class instead, which gives a much better
interface to processes.

@ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stdlib Python modules in the Lib dir type-security A security issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@amauryfa