Showing content from http://mail.python.org/pipermail/python-dev/2001-January/011444.html below:

[Python-Dev] Extending startup code: PEP needed?

M.-A. Lemburg mal@lemburg.com
Mon, 08 Jan 2001 19:10:50 +0100
Martin von Loewis wrote:
> 
> > Just curious: wouldn't this introduce a /tmp-style problem to
> > Python ?
> 
> I tried, but I could not produce such a problem.
> 
> > The scenario is quite simple: a Python script runs under root.
> > The script could pick up a lingering .pth file (e.g. from /tmp
> > or one of its subdirs -- distutils does this !) and then executes
> > arbitrary code as *root*.
> 
> No, Python looks only in a few places for pth file:
> {<prefix>,<exec_prefix>}{,/lib/python<version>/site-packages,/lib/site-python}
> 
> so it won't pick up pth files in /tmp.

Hmm, but what if the Python script picks up a site.py which is
different from the standard one distributed with Python ?

The code adding (and with the patch: executing) the .pth files
is defined in site.py and it is rather easy to override this
file by adding a modified site.py file to the current working dir...
a potential security hole in its own right, I guess :(

-- 
Marc-Andre Lemburg
______________________________________________________________________
Company:                                        http://www.egenix.com/
Consulting:                                    http://www.lemburg.com/
Python Pages:                           http://www.lemburg.com/python/
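
The concern raised in this message, that startup code is picked up from a location someone else can write to, can be checked on a current installation. The following is an added example, not part of the original post or of Python's own code: it assumes POSIX mode bits and relies on the fact that current CPython's site.py executes `.pth` lines beginning with `import`; the function names are hypothetical.

```python
import os
import stat
import site
import tempfile

WRITABLE_BY_OTHERS = stat.S_IWGRP | stat.S_IWOTH

def loose_mode(path):
    """True if group or other can write to path (POSIX mode bits)."""
    return bool(os.stat(path).st_mode & WRITABLE_BY_OTHERS)

def audit_pth(directories):
    """Return (path, issue) findings for .pth files in the given site dirs."""
    findings = []
    for d in directories:
        if not os.path.isdir(d):
            continue
        if loose_mode(d):
            findings.append((d, "directory writable by group/other"))
        for name in sorted(os.listdir(d)):
            if not name.endswith(".pth"):
                continue
            path = os.path.join(d, name)
            if loose_mode(path):
                findings.append((path, "file writable by group/other"))
            with open(path, encoding="utf-8", errors="replace") as fh:
                for lineno, line in enumerate(fh, 1):
                    # site.py runs these lines as code rather than adding a path
                    if line.startswith(("import ", "import\t")):
                        findings.append((path, f"line {lineno} is executed at startup"))
    return findings

def demo():
    """Constructed sample: a loose directory holding a .pth with an import line."""
    with tempfile.TemporaryDirectory() as tmp:
        os.chmod(tmp, 0o777)
        pth = os.path.join(tmp, "sample.pth")
        with open(pth, "w") as fh:
            fh.write("# constructed sample\n/opt/extra\nimport os\n")
        os.chmod(pth, 0o644)
        return [issue for _, issue in audit_pth([tmp])]

if __name__ == "__main__":
    # Audit the site directories this interpreter actually scans.
    dirs = site.getsitepackages() + [site.getusersitepackages()]
    for path, issue in audit_pth(dirs):
        print(f"{path}: {issue}")
```

Running the interpreter with `-I` (isolated mode) keeps the script directory and user site directory out of `sys.path` for scripts that run with elevated privileges.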


