[Python-Dev] Proposal for a new function "open_noinherit" to avoid problems with subprocesses and security risks
"Martin v. Löwis"
martin at v.loewis.de
Mon Jun 25 23:53:19 CEST 2007
> # I'm not sure about netiquette here:
> # I decided to continue posting to the python-list without CCing to
> everyone.
[I assume you mean python-dev]
Discussing this issue on the list is fine. Posting code is on the
borderline, and will have no effect, i.e. no action will come out
of (at least *I* will ignore the code entirely, unless it is an
actual patch, and submitted to the bug tracker).
> So perhaps, for Python development, we just have to accept
> that the problem persists and that at this time a 100% solution
> just does not exist - and we should watch the discussion
> on http://lwn.net/Articles/237722/ to see how they solve it for
> Linux.
Exactly. My proposal is still to provide an API to toggle the
flag after the handle was created.
> Martin, you mentioned that for sockets, inheritance is not a problem
> unless accept(), recv() or select() is called in the child process
> (as far as I understood it).
I did not say "no problems". I said "there is no ambiguity whereto
direct the data if the child processes don't perform accept/recv".
> * http://mail.python.org/pipermail/python-list/2003-November/236043.html
> "socket's strange behavior with subprocesses"
> Funny: Even notepad.exe is used there as an example child process...
Sure: the system will not shutdown the connection as long as the handle
is still open in the subprocess (as the subprocess *might* send more
data - which it won't).
I think the problem could be avoided by the parent process explicitly
performing shutdown(2), but I'm uncertain as I have never actively used
shutdown().
> * http://mail.python.org/pipermail/python-bugs-list/2006-April/032974.html
> python-Bugs-1469163 SimpleXMLRPCServer doesn't work anymore on Windows
> (see also Bug 1222790).
I don't understand how this is relevant. This is about CLO_EXEC not
being available on Windows, and has nothing to do with socket
inheritance.
> * http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4202949
> Java has switched to non-inheritable sockets as well.
Not surprisingly - they don't support fork(). If they would,
they could not have made that change. The bug report is the
same issue: clients will be able to connect as long as the
listen backlog fills. Then they will be turned down, as notepad
will never perform accept.
[I'm getting bored trying to explain the other cases as well]
> Any Windows Guru around who can explain what's going on with socket
> handles and CreateProcess? I mean - is the explanation Martin gave for
> accept(), recv(), select() correct for Windows, too? And if so - how can
> the errors be explained that are mentioned in the URLs above?
See my explanation above.
Martin
More information about the Python-Dev
mailing list