[Python-bugs-list] [ python-Bugs-510910 ] File inheritance across exec/spawn

noreply@sourceforge.net noreply@sourceforge.net
Fri, 22 Mar 2002 14:49:56 -0800 

Bugs item #510910, was opened at 2002-01-30 16:26
You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=510910&group_id=5470

Category: Python Library
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Tim Peters (tim_one)
Assigned to: Nobody/Anonymous (nobody)
Summary: File inheritance across exec/spawn

Initial Comment:
For 2.3, I added a new tempfile.TemporaryFile 
implementation for Windows that (among other good 
things) arranges that spawned processes will no longer 
inherit the temp files' underlying open file 
descriptors.  There are multiple reasons for doing so 
on Windows, and one that's "an issue" across all 
platforms is security.

Temp files may (will, AFAICT) still get inherited on 
other platforms.  And inheriting open files of other 
kinds may still be an issue on all platforms.

Guido sez (from email):

"""
This is exactly what happens on Unix, I'm afraid.  Is
there a way around that?  Across fork(), I think it's 
fair (might be intentional).  Across exec(), I think 
there's no point.  We should use fcntl() with F_SETFD 
to set the FD_CLOEXEC bit.
"""

There is no fork on Windows, so life is simpler there; 
OTOH, there's no FD_CLOEXEC bit on Windows either, so 
life is harder there if we want to extend this to 
other files.  I'm inclined to think we should stick to 
setting policy only for temp files;  *we* create them, 
and the user has no control over how we create them.  
For files the user opens themself, they can get at 
FD_CLOEXEC (on platforms supporting it) from Python.  
They can also get at O_NOINHERIT on Windows in 2.3 
(when using os.open()).

----------------------------------------------------------------------

>Comment By: Tim Peters (tim_one)
Date: 2002-03-22 17:49

Message:
Logged In: YES 
user_id=31435

I expect Guido is suggesting at least that, and since it's 
my bug report <wink> I'd be happy to close it if that much 
is done.  Security Geeks may or may not wish to argue that 
all files opened by Python do likewise, but, if so, they 
can open their bug report.

----------------------------------------------------------------------

Comment By: Neil Schemenauer (nascheme)
Date: 2002-03-22 17:35

Message:
Logged In: YES 
user_id=35752

What's the bug here?  I'm guessing that Guido is suggesting
that TemporaryFile set the FD_CLOEXEC.  Is that right?

----------------------------------------------------------------------

You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=510910&group_id=5470