Issue43472
Created on 2021-03-11 09:31 by christian.heimes, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 25506 | merged | steve.dower, 2021-04-21 21:58 | |
| PR 25508 | merged | miss-islington, 2021-04-21 22:34 | |
| PR 25509 | merged | miss-islington, 2021-04-21 22:35 | |
| Messages (6) | |||
|---|---|---|---|
| msg388489 - (view) | Author: Christian Heimes (christian.heimes) *  |
Date: 2021-03-11 09:31 | |
The subinterpreters module does not emit any audit events yet. It's possible to create a subinterpreter and run arbitrary code through run_string().
We should also improve documentation of sys.addaudithook() and explain what 'current interpreter' actually means. I guess most users don't realize the consequences for subinterpreters.
$ ./python auditsub.py
('os.system', (b'echo main interpreter',))
main interpreter
you got pwned
[heimes@seneca cpython]$ cat au
auditsub.py autom4te.cache/
[heimes@seneca cpython]$ cat auditsub.py
import sys
import _xxsubinterpreters
def hook(*args):
print(args)
sys.addaudithook(hook)
import os
os.system('echo main interpreter')
sub = _xxsubinterpreters.create()
_xxsubinterpreters.run_string(sub, "import os; os.system('echo you got pwned')", None)
$ ./python auditsub.py
('os.system', (b'echo main interpreter',))
main interpreter
you got pwned
|
|||
| msg390387 - (view) | Author: Saiyang Gou (gousaiyang) * | Date: 2021-04-06 23:18 | |
One problem is the naming of audit events. Actually I didn't even notice that `_xxsubinterpreters` was already there since Python 3.8, because PEP 554 is still in draft status as for now. Looks like `_xxsubinterpreters` is an internal low-level interface to subinterpreters (and probably only meant for testing purposes for now), while PEP 554 will bring a high-level interface `interpreters` for users. Naming the audit events as `interpreters.*` will be more readable, although the `interpreters` module doesn't actually exist today. |
|||
| msg391548 - (view) | Author: Steve Dower (steve.dower) * |
Date: 2021-04-21 21:50 | |
I'll need Eric to confirm, but I think the best thing to do here is to not release the thread state in _xxsubinterpreters.interp_create, but let _Py_NewInterpreter() do it. That way the existing event will be raised in interpreter-level hooks, rather than only the process-wide hook. PR incoming. |
|||
| msg391551 - (view) | Author: Steve Dower (steve.dower) * |
Date: 2021-04-21 22:34 | |
New changeset 7b86e47617d81a4b14d929743425f448971e8c86 by Steve Dower in branch 'master': bpo-43472: Ensure PyInterpreterState_New audit events are raised when called through _xxsubinterpreters module (GH-25506) https://github.com/python/cpython/commit/7b86e47617d81a4b14d929743425f448971e8c86 |
|||
| msg391554 - (view) | Author: miss-islington (miss-islington) | Date: 2021-04-21 22:53 | |
New changeset 602eefef0bd0187049c2ab9071390f8573fc299a by Miss Islington (bot) in branch '3.8': bpo-43472: Ensure PyInterpreterState_New audit events are raised when called through _xxsubinterpreters module (GH-25506) https://github.com/python/cpython/commit/602eefef0bd0187049c2ab9071390f8573fc299a |
|||
| msg392232 - (view) | Author: STINNER Victor (vstinner) * |
Date: 2021-04-28 16:20 | |
New changeset 0252ce35712f4a12e824fb8b40a867ec3460443e by Miss Islington (bot) in branch '3.9': bpo-43472: Ensure PyInterpreterState_New audit events are raised when called through _xxsubinterpreters module (GH-25506) (GH-25508) https://github.com/python/cpython/commit/0252ce35712f4a12e824fb8b40a867ec3460443e |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:42 | admin | set | github: 87638 |
| 2021-04-28 16:20:49 | vstinner | set | nosy:
+ vstinner messages: + msg392232 |
| 2021-04-21 22:53:34 | miss-islington | set | messages: + msg391554 |
| 2021-04-21 22:40:55 | steve.dower | set | status: open -> closed assignee: steve.dower stage: patch review -> resolved resolution: fixed versions: + Python 3.8, Python 3.9 |
| 2021-04-21 22:35:05 | miss-islington | set | pull_requests: + pull_request24227 |
| 2021-04-21 22:34:55 | miss-islington | set | nosy:
+ miss-islington pull_requests: + pull_request24226 |
| 2021-04-21 22:34:37 | steve.dower | set | messages: + msg391551 |
| 2021-04-21 21:58:53 | steve.dower | set | keywords:
+ patch stage: patch review pull_requests: + pull_request24224 |
| 2021-04-21 21:50:39 | steve.dower | set | messages: + msg391548 |
| 2021-04-06 23:18:34 | gousaiyang | set | nosy:
+ gousaiyang messages: + msg390387 |
| 2021-03-11 09:31:02 | christian.heimes | create | |