Additional PEP578 hooks #81544

Closed
zooba opened this issue Jun 21, 2019 · 16 comments
Labels: 3.10 (only security fixes), type-feature (a feature request or enhancement)

Comments

@zooba
Member

zooba commented Jun 21, 2019

BPO 37363
Nosy @tiran, @zooba, @matrixise, @miss-islington, @gousaiyang
PRs
  • bpo-37363: Add audit events for a range of modules #14301
  • [3.8] bpo-37363: Add audit events for a range of modules (GH-14301) #14345
  • bpo-37363: Add audit events on startup for the run commands #14524
  • [3.8] bpo-37363: Add audit events on startup for the run commands (GH-14524) #14536
  • bpo-37363: Document internal audit events #14663
  • [3.8] bpo-37363: Document internal audit events (GH-14663) #16046
  • bpo-37363: Add audit events to the http.client module #21321
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    GitHub fields:

    assignee = None
    closed_at = None
    created_at = <Date 2019-06-21.15:42:29.023>
    labels = ['type-feature', '3.10']
    title = 'Additional PEP578 hooks'
    updated_at = <Date 2021-04-23.10:21:35.233>
    user = 'https://github.com/zooba'

    bugs.python.org fields:

    activity = <Date 2021-04-23.10:21:35.233>
    actor = 'matrixise'
    assignee = 'none'
    closed = False
    closed_date = None
    closer = None
    components = []
    creation = <Date 2019-06-21.15:42:29.023>
    creator = 'steve.dower'
    dependencies = []
    files = []
    hgrepos = []
    issue_num = 37363
    keywords = ['patch']
    message_count = 15.0
    messages = ['346229', '346301', '346367', '346416', '346418', '346419', '347085', '347088', '347093', '352154', '352156', '352157', '373074', '391675', '391676']
    nosy_count = 5.0
    nosy_names = ['christian.heimes', 'steve.dower', 'matrixise', 'miss-islington', 'gousaiyang']
    pr_nums = ['14301', '14345', '14524', '14536', '14663', '16046', '21321']
    priority = 'normal'
    resolution = None
    stage = 'patch review'
    status = 'open'
    superseder = None
    type = 'enhancement'
    url = 'https://bugs.python.org/issue37363'
    versions = ['Python 3.10']

    @zooba
    Member Author

    zooba commented Jun 21, 2019

    We should also (see whether we should) add audit hooks for the following modules:

    • configparser
    • crypt
    • ensurepip
    • ftplib
    • glob
    • http
    • imaplib
    • nntplib
    • pdb
    • poplib
    • runpy
    • shutil
    • smtpd
    • smtplib
    • socketserver
    • sqlite3
    • telnetlib
    • webbrowser
    • xmlrpc

    All of these seem likely to have interesting events (specifically, they can all be misused in scenarios where the impact would not be obvious without extra information).

    @zooba added the 3.8 (only security fixes), 3.9 (only security fixes) and type-feature (a feature request or enhancement) labels Jun 21, 2019
    @zooba
    Member Author

    zooba commented Jun 22, 2019

    PR 14301 has at least a few hooks for most of the modules above.

    I think xmlrpc deserves some, but it is not as immediately obvious where to put them as for the other modules. smtpd also still needs looking at.

    @tiran
    Member

    tiran commented Jun 24, 2019

    I'll add hooks to ssl module for wrap_socket and wrap_bio.

    @zooba
    Member Author

    zooba commented Jun 24, 2019

    New changeset 60419a7 by Steve Dower in branch 'master':
    bpo-37363: Add audit events for a range of modules (GH-14301)
    60419a7

    @miss-islington
    Contributor

    New changeset 8763d43 by Miss Islington (bot) in branch '3.8':
    bpo-37363: Add audit events for a range of modules (GH-14301)
    8763d43

    @zooba
    Member Author

    zooba commented Jun 24, 2019

    FWIW, I tried looking into how we can prevent or detect monkeypatching of "sys.audit", and the answer seems to be that we need to define a custom type for the sys module and for sys.__dict__.

    I'm not prepared to do that yet, and IMHO there are enough ways to detect someone patching it to nothing (all your logs disappear) or patching it more cleverly (someone ran some pretty complex code to redefine it) and events from native code can't be suppressed either, so I think it's fine.

    But I won't refuse a contribution if someone thinks this is a critical scenario (though I will push hard to make sure the implementation is solid, as I think this is pretty hard to get right).
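A defender-side check for the point made in the comment above, added here as an example (it is not code from the issue or from CPython): a canary event shows whether events raised through `sys.audit` still reach a hook, and a small workload shows that an event raised natively by the interpreter arrives either way. The event name `example.canary`, the glob pattern and the filename are constructed for this example.

```python
import glob
import sys

CANARY = "example.canary"                  # hypothetical event name for this example
PATTERN = "constructed-audit-demo-*.none"  # constructed pattern; matches no files
FILENAME = "<constructed-audit-demo>"      # constructed filename passed to compile()
WATCHED = {CANARY, "glob.glob", "compile"}
BUILTIN_AUDIT = sys.audit                  # reference captured at startup
seen = []


def _hook(event, args):
    # Record the canary, and watched events that carry this example's markers,
    # so unrelated activity in the process (imports, test runner) is ignored.
    if event not in WATCHED:
        return
    if event == CANARY or any(
        isinstance(a, str) and a in (PATTERN, FILENAME) for a in args
    ):
        seen.append(event)


sys.addaudithook(_hook)


def python_path_intact():
    """True if sys.audit is the original object and a canary reaches the hook."""
    seen.clear()
    sys.audit(CANARY)
    return sys.audit is BUILTIN_AUDIT and CANARY in seen


def events_from_workload():
    """Trigger one Python-raised and one natively raised event; return what arrived."""
    seen.clear()
    glob.glob(PATTERN)                  # glob.py raises "glob.glob" via sys.audit
    compile("1 + 1", FILENAME, "eval")  # the interpreter raises "compile" from C
    return sorted(set(seen))


def simulate_patched(fn):
    """Run fn with sys.audit replaced by a no-op, then restore the original."""
    sys.audit = lambda *a: None
    try:
        return fn()
    finally:
        sys.audit = BUILTIN_AUDIT
```

A monitoring agent could run the canary check periodically and alert when it fails; a silent gap in Python-level events while native events keep arriving is the same signal.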

    @zooba
    Member Author

    zooba commented Jul 1, 2019

    New changeset e226e83 by Steve Dower in branch 'master':
    bpo-37363: Add audit events on startup for the run commands (GH-14524)
    e226e83

    @miss-islington
    Contributor

    New changeset 746992c by Miss Islington (bot) in branch '3.8':
    bpo-37363: Add audit events on startup for the run commands (GH-14524)
    746992c

    @zooba
    Member Author

    zooba commented Jul 1, 2019

    All that's left here right now is some xmlrpc events, unless we can think of any more stdlib modules that should have them?

    @miss-islington
    Contributor

    New changeset ed4b321 by Miss Islington (bot) (Christian Heimes) in branch 'master':
    bpo-37363: Document internal audit events (GH-14663)
    ed4b321

    @miss-islington
    Contributor

    New changeset 2f01cf6 by Miss Islington (bot) in branch '3.8':
    bpo-37363: Document internal audit events (GH-14663)
    2f01cf6

    @matrixise
    Member

    @christian, I have merged your PR for the audit events, but I have not closed this issue; I suppose there will be other PRs for this issue.

    @matrixise
    Member

    Hi @christian,

    When you have time for my last question.

    Thank you,

    @matrixise added the 3.10 (only security fixes) label and removed the 3.8 (only security fixes) and 3.9 (only security fixes) labels Apr 23, 2021
    @matrixise
    Member

    New changeset 927b841 by Saiyang Gou in branch 'master':
    bpo-37363: Add audit events to the http.client module (GH-21321)
    927b841

    @matrixise
    Member

    The http module is covered by the audit events.

    @ezio-melotti transferred this issue from another repository Apr 10, 2022
    @erlend-aasland
    Contributor

    @zooba, can we close this?

    @zooba closed this as completed Nov 28, 2022