[Python-Dev] PEP 578: Python Runtime Audit Hooks
Steve Dower
steve.dower at python.org
Mon Apr 15 17:17:04 EDT 2019
On 15Apr2019 1344, Christian Heimes wrote:
> Hi Steve,
>
> (memory dump before I go to bed)
>
> Steve Grubb from Red Hat security pointed me to some interesting things
> [1]. For instance there is some work on a new O_MAYEXEC flag for open().
> Steve came to similar conclusions like we, e.g. streaming code from
> stdin is insecure.
>
> [1] https://marc.info/?l=linux-fsdevel&m=155535414414626&w=2
Thanks for the pointer! Using this for open_code() by default on
platforms that support it might be a good opportunity in the future. But
I'm glad I'm not the only one who thinks this is the right approach :)
> I think it would be also beneficial to have auditing events for the
> import system to track when sys.path or import loaders are changed.
Already in there (kind of... the "import" events include the contents of
the sys properties that are about to be used to resolve it - since these
are plain-old lists, and can be easily reassigned, passing them through
here allows you to add a check if you really want it but otherwise not
pay the cost of replacing the sys module with a special implementation
and its attributes with special lists).
Cheers,
Steve
More information about the Python-Dev
mailing list