[Python-checkins] peps: PEP 446: add example of vulnerabilities
victor.stinner
python-checkins at python.org
Sat Aug 10 01:05:15 CEST 2013
http://hg.python.org/peps/rev/e2f9feb6be35
changeset: 5044:e2f9feb6be35
user: Victor Stinner <victor.stinner at gmail.com>
date: Sat Aug 10 00:51:14 2013 +0200
summary:
PEP 446: add example of vulnerabilities
files:
pep-0446.txt | 46 ++++++++++++++++++++++++++++-----------
1 files changed, 33 insertions(+), 13 deletions(-)
diff --git a/pep-0446.txt b/pep-0446.txt
--- a/pep-0446.txt
+++ b/pep-0446.txt
@@ -140,19 +140,6 @@
the server restarts while the program is not done: the server cannot
start because the TCP port is still in use.
-Leaking file descriptors is also a well known security vulnerability:
-read
-`FIO42-C. Ensure files are properly closed when they are no longer
-needed
-<https://www.securecoding.cert.org/confluence/display/seccode/FIO42-C.+Ensure+files+are+properly+closed+when+they+are+no+longer+needed>`_
-of the CERT.
-
-An untrusted child process can read sensitive data like passwords and
-take control of the parent process though leaked file descriptors. It is
-for example a way to escape from a chroot. With a leaked listening
-socket, a child process can accept new connections to read sensitive
-data.
-
Example of issues in open source projects:
* `Mozilla (Firefox) <https://bugzilla.mozilla.org/show_bug.cgi?id=147659>`_:
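Review bot: The 13 lines removed at the top of this hunk, from "Leaking file descriptors is also a well known security vulnerability" through "accept new connections to read sensitive data.", reappear unchanged in the next hunk, so this is a relocation and not a deletion, yet the summary only says "add example of vulnerabilities". Suggest stating in the commit message that the existing security paragraphs move into the new "Security Vulnerability" section, so the 13 deletions in the diffstat are not read as dropped content.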
@@ -178,6 +165,39 @@
open since 2012-07
+Security Vulnerability
+----------------------
+
+Leaking file descriptors is also a well known security vulnerability:
+read
+`FIO42-C. Ensure files are properly closed when they are no longer
+needed
+<https://www.securecoding.cert.org/confluence/display/seccode/FIO42-C.+Ensure+files+are+properly+closed+when+they+are+no+longer+needed>`_
+of the CERT.
+
+An untrusted child process can read sensitive data like passwords and
+take control of the parent process though leaked file descriptors. It is
+for example a way to escape from a chroot. With a leaked listening
+socket, a child process can accept new connections to read sensitive
+data.
+
+Example of vulnerabilities:
+
+* `Hijacking Apache https by mod_php
+ <http://www.securityfocus.com/archive/1/348368>`_ (2003)
+
+ * Apache: `Apr should set FD_CLOEXEC if APR_FOPEN_NOCLEANUP is not set
+ <https://issues.apache.org/bugzilla/show_bug.cgi?id=46425>`_:
+ fixed in 2009
+ * PHP: `system() (and similar) don't cleanup opened handles of Apache
+ <https://bugs.php.net/bug.php?id=38915>`_: open since 2006
+* `CWE-403: Exposure of File Descriptor to Unintended Control Sphere
+ <http://cwe.mitre.org/data/definitions/403.html>`_ (2008)
+* `OpenSSH Security Advisory: portable-keysign-rand-helper.adv
+ <http://www.openssh.com/txt/portable-keysign-rand-helper.adv>`_
+ (2011)
+
+
Issues fixed in the subprocess module
-------------------------------------
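Review bot: The moved sentence "take control of the parent process though leaked file descriptors" in the added section carries over a typo, "though" should be "through", and since the paragraph is being touched anyway this is the place to fix it. In the new list, the nested item ending "open since 2006" is followed directly by the outer item "* `CWE-403: ..." with no blank "+" line between them; reStructuredText requires a blank line after the last item of a list, so add one there to match the blank line already present before the nested "* Apache:" item. The heading "Security Vulnerability" is singular while the list it introduces is "Example of vulnerabilities"; consider making the two agree.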
--
Repository URL: http://hg.python.org/peps