
On 25Aug2017 1105, Christian Heimes wrote:
On 2017-08-24 19:13, Steve Dower wrote:
Hi security-sig,
Those of you who were at the PyCon US language summit this year (or who saw the coverage at https://lwn.net/Articles/723823/) may recall that I talked briefly about the ways Python is used by attackers to gain and/or retain access to systems on local networks. [...] TODO - more hooks in ``_socket``, ``_ssl``, others?
Does it make sense to include mmap()? After all mmap can be used to execute arbitrary machine code in memory.
Yes, absolutely. I think array and struct can too without having to go through ctypes.
For the SSL module, what would you like to log? Server certs and connection parameters (cipher suite)?
I've seen some samples of code that disable validation or use alternate CA certs. Probably context creation is the most important aspect, since I think a lot of the rest will be caught by the _socket module. There's a good balance somewhere between collecting all network traffic (though not necessarily keeping it anywhere) or none, but I'm not entirely sure where that is yet.

I'll probably spend a day this weekend continuing to go through the stdlib and see what I think should be included. No doubt we'll spend time at the sprints arguing over specific items - I'm looking forward to it :)

Cheers,
Steve
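
An added example, not part of the original thread: the mmap and socket hooks discussed above can be observed with `sys.addaudithook`, the audit API that later shipped in CPython 3.8. The event names `mmap.__new__` and `socket.connect` are CPython's own; the helper names and the sample address are constructed for illustration.

```python
import mmap
import socket
import sys

# Audit events raised by CPython 3.8+ for the two modules discussed above.
WATCHED = ("mmap.__new__", "socket.connect")

records = []        # (event, detail) tuples collected by the hook
_installed = False


def _hook(event, args):
    """Record watched events. An exception here would abort the audited call."""
    if event not in WATCHED:
        return
    if event == "mmap.__new__":
        fileno, length, access, offset = args
        detail = {"fileno": fileno, "length": length, "access": access}
    else:  # socket.connect: args are (socket object, address)
        detail = {"address": args[1]}
    records.append((event, detail))


def install():
    """Register the hook once; audit hooks cannot be removed afterwards."""
    global _installed
    if not _installed:
        sys.addaudithook(_hook)
        _installed = True


def exercise():
    """Trigger both events with harmless, constructed inputs."""
    install()
    start = len(records)
    mmap.mmap(-1, 4096).close()          # anonymous mapping, fileno == -1
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        try:
            s.connect(("127.0.0.1", 9))  # UDP connect sends no packet
        except OSError:
            pass                         # the event is raised before the syscall
    return records[start:]


if __name__ == "__main__":
    for event, detail in exercise():
        print(event, detail)
```

An anonymous mapping shows up with `fileno == -1`, which is the case raised in the thread: memory that is not backed by any file on disk.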