Message333801
Currently, posixpath.defpath is equal to:
defpath = ':/bin:/usr/bin'
It gives 3 directories:
>>> posixpath.defpath.split(posixpath.pathsep)
['', '/bin', '/usr/bin']
where the empty string means "the current directory". Trying to locate an executable from the current directory can be security issue when an attacker tries to execute arbitrary command.
The Linux exec(3) manual page contains an interesting note about the removal of the empty string from glibc 2.24 by accident:
http://man7.org/linux/man-pages/man3/execvp.3.html
NOTES
The default search path (used when the environment does not contain
the variable PATH) shows some variation across systems. It generally
includes /bin and /usr/bin (in that order) and may also include the
current working directory. On some other systems, the current
working is included after /bin and /usr/bin, as an anti-Trojan-horse
measure. The glibc implementation long followed the traditional
default where the current working directory is included at the start
of the search path. However, some code refactoring during the
development of glibc 2.24 caused the current working directory to be
dropped altogether from the default search path. This accidental
behavior change is considered mildly beneficial, and won't be
reverted.
(...)
Context of this issue: This discussion started from my PR 11579 which modifies the subprocess module to use posix_spawnp():
https://github.com/python/cpython/pull/11579#pullrequestreview-193261299
So I propose to replace defpath = ':/bin:/usr/bin' with defpath = '/bin:/usr/bin' which gives 2 directories:
>>> '/bin:/usr/bin'.split(posixpath.pathsep)
['/bin', '/usr/bin']
This change would only affect os.get_exec_path(), and so indirectly the subprocess module (when the executable contains no directory), *when the PATH environmant variable is not set*. |
|
Date |
User |
Action |
Args |
2019-01-16 23:41:50 | vstinner | set | recipients:
+ vstinner, gregory.p.smith, giampaolo.rodola, christian.heimes |
2019-01-16 23:41:46 | vstinner | set | messageid: <1547682106.56.0.245747157525.issue35755@roundup.psfhosted.org> |
2019-01-16 23:41:46 | vstinner | link | issue35755 messages |
2019-01-16 23:41:46 | vstinner | create | |
|