[New-bugs-announce] [issue24558] shutil.copytree with symlinks=True opens vulnerabilities
SpaceOne
report at bugs.python.org
Fri Jul 3 14:41:25 CEST 2015
New submission from SpaceOne:
shutil.copytree(src, dst, symlink=True) destroys file system permissions and open security issues. See the following python/bash session:
# ls -l /etc/shadow
-rw-r----- 1 root shadow 1114 May 8 19:10 /etc/shadow
# su foobar
$ ln -s /etc/shadow && exit
# python -c '__import__("shutil").copytree('/home/', '/backups/home', symlinks=True)
# ls -l /etc/shadow
-rw-r----- 1 foobar Domain Users 1114 Mai 8 19:10 /etc/shadow
As you can see the file "/etc/shadow" is now owned by the user "foobar" and its primary group.
----------
components: Distutils
messages: 246170
nosy: dstufft, eric.araujo, spaceone
priority: normal
severity: normal
status: open
title: shutil.copytree with symlinks=True opens vulnerabilities
type: security
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue24558>
_______________________________________
More information about the New-bugs-announce
mailing list