[issue34209] racecondition

Dhiraj Tue, 24 Jul 2018 07:31:47 -0700


New submission from Dhiraj <[email protected]>:


File: /cpython/blob/master/Modules/posixmodule.c#L2657

#endif
        result = access(path->narrow, mode);
    Py_END_ALLOW_THREADS
    return_value = !result;
#endif

If an attacker could change anything along the path between the call `access()` 
and the files actually used, it may exploit the race condition or a 
time-of-check, time-of-use race condition

https://linux.die.net/man/2/access

----------
components: Build
messages: 322305
nosy: Dhiraj_Mishra
priority: normal
severity: normal
status: open
title: racecondition
type: security
versions: Python 2.7

_______________________________________
Python tracker <[email protected]>
<https://bugs.python.org/issue34209>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34209] racecondition

Reply via email to