Is this a security risk with Python too?

Martin v. Loewis martin at v.loewis.de
Fri Aug 16 15:35:05 EDT 2002


Roman Suzi <rnd at onego.ru> writes:

> I think, my idea is not completely outlandish.

I think your analysis is incomplete (and, for that matter, the one of
the Tcl vulnerability is, too).

"which could allow local users to execute arbitrary code by writing
Trojan horse library that is under a user-controlled directory."

The ability to execute arbitrary code is not a security problem;
instead, that is the primary purpose of many computer systems - allow
users to run arbitrary applications.

A security problem only arises if that code is executed with
privileges that the user does not have. Atleast on Unix, this can only
happen:

- if you can talk a system demon to execute code for you.

  In this case, that would be a bug in the demon or the fault of the
  system administrator; none of the directories that Python searches
  should be writable by an arbitrary user - including the current
  working directory of the demon.

- you run an S-bit program. On many systems, this means you have an
  s-bit Python executable. Python's default installation does not
  create s-bit python executables; anybody doing so should be careful
  not to give users access to that binary since they can very easily
  exploit it to gain root access.

So, I can't see a problem.

Regards,
Martin




More information about the Python-list mailing list