[New-bugs-announce] [issue43439] [security] Add audit events on GC functions giving access to all Python objects
STINNER Victor
report at bugs.python.org
Mon Mar 8 15:32:28 EST 2021
New submission from STINNER Victor <vstinner at python.org>:
It is currently possible to discover the internal list of audit hooks using gc module functions, like gc.get_objects(), and so remove an audit hooks, whereas it is supposed to not be possible. The PEP 578 states: "Hooks cannot be removed or replaced."
Rather than attempting to fix this specific vulnerability, I suggest to add new audit events on the following gc functions:
* gc.get_objects()
* gc.get_referrers()
* gc.get_referents()
These functions are "dangerous" since they can expose Python objects in an inconsistent state. In the past, we add multiple bugs related to "internal" tuples which were not fully initialized (but already tracked by the GC). See bpo-15108 for an example.
Note: if someone wants to address the ability to remove an audit hook, the internal list can be modified to not be a Python object.
----------
components: Library (Lib)
messages: 388300
nosy: christian.heimes, pablogsal, steve.dower, vstinner
priority: normal
severity: normal
status: open
title: [security] Add audit events on GC functions giving access to all Python objects
versions: Python 3.10
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue43439>
_______________________________________
More information about the New-bugs-announce
mailing list