On 15Apr2019 1344, Christian Heimes wrote:
Hi Steve,
(memory dump before I go to bed)
Steve Grubb from Red Hat security pointed me to some interesting things
[1]. For instance there is some work on a new O_MAYEXEC flag for open().
Steve came to similar conclusions like we, e.g. streaming code from
stdin is insecure.
[1] https://marc.info/?l=linux-fsdevel&m=155535414414626&w=2
Thanks for the pointer! Using this for open_code() by default on
platforms that support it might be a good opportunity in the future. But
I'm glad I'm not the only one who thinks this is the right approach :)
I think it would be also beneficial to have auditing events for the
import system to track when sys.path or import loaders are changed.
Already in there (kind of... the "import" events include the contents of
the sys properties that are about to be used to resolve it - since these
are plain-old lists, and can be easily reassigned, passing them through
here allows you to add a check if you really want it but otherwise not
pay the cost of replacing the sys module with a special implementation
and its attributes with special lists).
Cheers,
Steve
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
