Python, Linux, and the setuid bit
Chris Angelico
rosuav at gmail.com
Tue Apr 15 05:35:46 EDT 2014
On Tue, Apr 15, 2014 at 7:28 PM, Richard Kettlewell <rjk at greenend.org.uk> wrote:
> This program is on a security boundary, the pathological cases are
> precisely the ones the attacker looks for.
>
> (It’s hard to see how an attacker could turn this into a useful attack.
> But perhaps the attacker has more imagination than me.)
Quite frankly, I don't even care :) It's easy enough to fix the bug.
The idiomatic code will compile without warnings *and* be secure, so
I'm not seeing any reason to use the existing form. All I'm saying is
that it's normally going to happen to work; sure, an attacker might
well be able to get into something (although if you can generate 4GB
of environment, the fact that it doesn't get zeroed is likely to be
less of a concern than the massive DOS potential of a huge env!!), but
casual usage will have it seeming to work. The obvious solution is
right in every possible way, so that's the thing to do moving forward.
ChrisA
More information about the Python-list
mailing list