[Python-checkins] cpython (merge 3.2 -> default): Closes #15445: Merged documentation update from 3.2.
vinay.sajip
python-checkins at python.org
Wed Jul 25 20:20:58 CEST 2012
http://hg.python.org/cpython/rev/410be02de1c6
changeset: 78280:410be02de1c6
parent: 78277:1da53d86d722
parent: 78279:e5d7d202f2bf
user: Vinay Sajip <vinay_sajip at yahoo.co.uk>
date: Wed Jul 25 19:20:32 2012 +0100
summary:
Closes #15445: Merged documentation update from 3.2.
files:
Doc/library/logging.config.rst | 19 +++++++++++++++++++
1 files changed, 19 insertions(+), 0 deletions(-)
diff --git a/Doc/library/logging.config.rst b/Doc/library/logging.config.rst
--- a/Doc/library/logging.config.rst
+++ b/Doc/library/logging.config.rst
@@ -109,6 +109,19 @@
send it to the socket as a string of bytes preceded by a four-byte length
string packed in binary using ``struct.pack('>L', n)``.
+ .. note:: Because portions of the configuration are passed through
+ :func:`eval`, use of this function may open its users to a security risk.
+ While the function only binds to a socket on ``localhost``, and so does
+ not accept connections from remote machines, there are scenarios where
+ untrusted code could be run under the account of the process which calls
+ :func:`listen`. Specifically, if the process calling :func:`listen` runs
+ on a multi-user machine where users cannot trust each other, then a
+ malicious user could arrange to run essentially arbitrary code in a
+ victim user's process, simply by connecting to the victim's
+ :func:`listen` socket and sending a configuration which runs whatever
+ code the attacker wants to have executed in the victim's process. This is
+ especially easy to do if the default port is used, but not hard even if a
+ different port is used).
.. function:: stopListening()
@@ -694,6 +707,12 @@
:class:`Formatter` subclass. Subclasses of :class:`Formatter` can present
exception tracebacks in an expanded or condensed format.
+.. note:: Due to the use of :func:`eval` as described above, there are
+ potential security risks which result from using the :func:`listen` to send
+ and receive configurations via sockets. The risks are limited to where
+ multiple users with no mutual trust run code on the same machine; see the
+ :func:`listen` documentation for more information.
+
.. seealso::
Module :mod:`logging`
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list