[issue17070] Use the new cloexec to improve security and avoid bugs
New submission from STINNER Victor: Attached patches use the new cloexec parameter added by the PEP 433 (see issue #17036). cloexec_fs_walk.patch: [security] don't leak a file descriptors of directories to a child processes cloexec_listening_socket.patch: [security] don't leak a listening socket to child processes, see also #12107 cloexec_log_file.patch: [security] don't leak the file descriptor of a log file to child processes cloexec_subprocess.patch: [security/bugs] don't leak file descriptors to child processes cloexec_misc.patch: misc mmodules security is a strong word: if subprocess is called with close_fds=True, there is no such problem at all. It's more a theorical problem if a process is created in another thread without using the subprocess module (but directly low level functions). -- components: Library (Lib) files: cloexec_fs_walk.patch keywords: patch messages: 180905 nosy: haypo, neologix priority: normal severity: normal status: open title: Use the new cloexec to improve security and avoid bugs versions: Python 3.4 Added file: http://bugs.python.org/file2/cloexec_fs_walk.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17070 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17070] Use the new cloexec to improve security and avoid bugs
Changes by STINNER Victor victor.stin...@gmail.com: Added file: http://bugs.python.org/file28892/cloexec_subprocess.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17070 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17070] Use the new cloexec to improve security and avoid bugs
Changes by STINNER Victor victor.stin...@gmail.com: Added file: http://bugs.python.org/file28889/cloexec_listening_socket.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17070 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17070] Use the new cloexec to improve security and avoid bugs
Changes by STINNER Victor victor.stin...@gmail.com: Added file: http://bugs.python.org/file28890/cloexec_log_file.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17070 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue17070] Use the new cloexec to improve security and avoid bugs
Changes by STINNER Victor victor.stin...@gmail.com: Added file: http://bugs.python.org/file28891/cloexec_misc.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue17070 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com