[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-13 Thread Pablo Galindo Salgado
Pablo Galindo Salgado added the comment: New changeset e6bf1e1001a6844a36f2f90f58ab12b9e09e3887 by Pablo Galindo in branch '3.9': [3.9] bpo-43439: Wrapt the tuple in the audit events for the gc module (GH-24836) (GH-24855)

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-13 Thread Pablo Galindo Salgado
Change by Pablo Galindo Salgado: resolution: -> fixed; stage: patch review -> resolved; status: open -> closed

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-13 Thread Pablo Galindo Salgado
Pablo Galindo Salgado added the comment: New changeset 1e7a47ab86d5d6a5103e67ba71389f6daa18ea2d by Pablo Galindo in branch '3.8': [3.8] bpo-43439: Wrapt the tuple in the audit events for the gc module (GH-24836) (GH24854)

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-13 Thread Pablo Galindo Salgado
Change by Pablo Galindo Salgado: pull_requests: +23615; pull_request: https://github.com/python/cpython/pull/24855

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-13 Thread Pablo Galindo Salgado
Change by Pablo Galindo Salgado: pull_requests: +23614; pull_request: https://github.com/python/cpython/pull/24854

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-13 Thread Pablo Galindo Salgado
Pablo Galindo Salgado added the comment: New changeset 9c376bc1c4c8bcddb0bc4196b79ec8c75da494a8 by Pablo Galindo in branch 'master': bpo-43439: Wrapt the tuple in the audit events for the gc module (GH-24836) https://github.com/python/cpython/commit/9c376bc1c4c8bcddb0bc4196b79ec8c75da494a8

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-12 Thread Pablo Galindo Salgado
Change by Pablo Galindo Salgado: pull_requests: +23601; stage: needs patch -> patch review; pull_request: https://github.com/python/cpython/pull/24836

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-12 Thread Pablo Galindo Salgado
Pablo Galindo Salgado added the comment: I think I prefer to raise a single event, because it matches more closely the actual call, is a bit faster and more straightforward. I will create a PR soon

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-12 Thread Steve Dower
Steve Dower added the comment: Passing a tuple as "O" just means it gets passed as-is, without wrapping it again. And yeah, I thought that was right here, but it's not. I didn't realise it's a varargs argument. So yeah, it should be wrapped again so that only a single argument is being

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-12 Thread Saiyang Gou
Saiyang Gou added the comment: In addition to the consistency with existing audit hook signatures, there may also be another benefit of wrapping it with a tuple of length 1. If gc.get_referrers or gc.get_referents happens to gain a new keyword-only argument in the future, we may need to add

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-12 Thread Pablo Galindo Salgado
Pablo Galindo Salgado added the comment: Steve, do you think that makes sense? If so, I will create a batch of PRs to correct it.

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-11 Thread Saiyang Gou
Saiyang Gou added the comment: There is a minor issue here. For gc.get_referrers and gc.get_referents, probably the format code for PySys_Audit should be "(O)" instead of "O". Typically the tuple `args` passed to the hook functions are fixed-length as described in the audit events table.
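The argument shape discussed in this comment, as an added example that is not part of the thread or of CPython's own code: an audit hook records the three gc events and checks that each one delivers exactly one argument, however many objects were passed to the call. The helper names (`install_gc_audit_hook`, `check_arg_shape`, `demo`) and the sample objects are constructed for illustration.

```python
import gc
import sys

# Audit event names added for the gc module by bpo-43439.
GC_EVENTS = {"gc.get_objects", "gc.get_referrers", "gc.get_referents"}

_records = []       # (event, args) pairs seen by the hook
_installed = False  # audit hooks cannot be removed, so install only once


def _gc_audit_hook(event, args):
    # Hooks run for every audited event: filter early and stay cheap.
    if event in GC_EVENTS:
        _records.append((event, args))


def install_gc_audit_hook():
    """Install the recording hook once and return the shared record list."""
    global _installed
    if not _installed:
        sys.addaudithook(_gc_audit_hook)
        _installed = True
    return _records


def check_arg_shape(event, args):
    """True when args has the fixed length-1 shape the "(O)" format gives."""
    if len(args) != 1:
        return False  # the unwrapped "O" shape: one entry per object
    if event == "gc.get_objects":
        return isinstance(args[0], int)   # the generation number
    return isinstance(args[0], tuple)     # every object passed to the call


def demo():
    """Trigger each event once and report (event, len(args), shape_ok)."""
    records = install_gc_audit_hook()
    start = len(records)
    a, b = [], {}                 # constructed sample objects
    gc.get_objects(generation=0)
    gc.get_referrers(a, b)        # two objects, still a single hook argument
    gc.get_referents(a)
    return [(ev, len(args), check_arg_shape(ev, args))
            for ev, args in records[start:]]


if __name__ == "__main__":
    for row in demo():
        print(row)
```
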

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-10 Thread Christian Heimes
Christian Heimes added the comment: Thanks, Pablo and Victor!
resolution: -> fixed; stage: patch review -> resolved; status: open -> closed

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-10 Thread miss-islington
miss-islington added the comment: New changeset f814675376318e0bf9e14fc62826a113cb4ca652 by Pablo Galindo in branch '3.9': [3.9] bpo-43439: Add audit hooks for gc functions (GH-24794). (GH-24811) https://github.com/python/cpython/commit/f814675376318e0bf9e14fc62826a113cb4ca652

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-10 Thread miss-islington
miss-islington added the comment: New changeset a6d0182879d0bf275c4feb38b57f73236ab9c06c by Pablo Galindo in branch '3.8': [3.8] bpo-43439: Add audit hooks for gc functions (GH-24794). (GH-24810) https://github.com/python/cpython/commit/a6d0182879d0bf275c4feb38b57f73236ab9c06c

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-09 Thread Pablo Galindo Salgado
Change by Pablo Galindo Salgado: pull_requests: +23578; pull_request: https://github.com/python/cpython/pull/24811

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-09 Thread Pablo Galindo Salgado
Change by Pablo Galindo Salgado: pull_requests: +23577; pull_request: https://github.com/python/cpython/pull/24810

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-09 Thread Pablo Galindo Salgado
Pablo Galindo Salgado added the comment: New changeset b4f9089d4aa787c5b74134c98e5f0f11d9e63095 by Pablo Galindo in branch 'master': bpo-43439: Add audit hooks for gc functions (GH-24794) https://github.com/python/cpython/commit/b4f9089d4aa787c5b74134c98e5f0f11d9e63095

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-09 Thread JIanqiu Tao
Change by JIanqiu Tao: nosy: +zkonge

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-08 Thread Steve Dower
Steve Dower added the comment: Thanks, Pablo! Nice patch. This can be backported, btw. New audit events are allowed to be added in minor releases (they just cannot be changed).
versions: +Python 3.8, Python 3.9

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-08 Thread Pablo Galindo Salgado
Change by Pablo Galindo Salgado: keywords: +patch; pull_requests: +23562; stage: -> patch review; pull_request: https://github.com/python/cpython/pull/24794

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-08 Thread Christian Heimes
Christian Heimes added the comment:
> Note: if someone wants to address the ability to remove an audit hook, the
> internal list can be modified to not be a Python object.
I wouldn't bother. There are other ways to modify data structures, e.g. poke into process memory.

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-08 Thread Pablo Galindo Salgado
Pablo Galindo Salgado added the comment:
> Rather than attempting to fix this specific vulnerability, I suggest to add
> new audit events on the following gc functions:
Makes sense, I will prepare a PR today

[issue43439] [security] Add audit events on GC functions giving access to all Python objects

2021-03-08 Thread STINNER Victor
New submission from STINNER Victor: It is currently possible to discover the internal list of audit hooks using gc module functions, like gc.get_objects(), and so remove an audit hook, whereas it is supposed to not be possible. The PEP 578 states: "Hooks cannot be removed or replaced."