Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 24 Jul 2021 12:32:34 -0400
From: Michael Orlitzky <michael@...itzky.com>
To: oss-security@...ts.openwall.com
Subject: Re: Potential symlink attack in python3 __pycache__

On Sat, 2021-07-24 at 18:33 +0300, Georgi Guninski wrote:
> Not sure if this is vulnerability, but it looks like
> classical symlink attack.
> 
> In python3, if a script in directory DIR1 does "import another",
> then python3 creates directory __pycache__ in DIR1 and puts
> some files in __pycache__.
> 
> According to our tests, if DIR1/__pycache__ is symlink to something,
> then python3 follows the symlink.

When subdirectories of DIR1 are writable by anyone other than the
person running the script, you have a bunch of problems:

  https://bugs.python.org/issue16202


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.