Thanks to visit codestin.com
Credit goes to github.com

Skip to content

gh-97514: Don't use Linux abstract sockets for multiprocessing #98501

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Oct 20, 2022
Merged

gh-97514: Don't use Linux abstract sockets for multiprocessing #98501

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
6465b53
gh-97514: Don't use Linux abstract sockets for multiprocessing.
gpshead Sep 23, 2022
de8571d
Remove the warning.
gpshead Sep 23, 2022
8c50714
Reword NEWS, refer to CVE-2022-42919.
gpshead Oct 14, 2022
4c3ce41
NEWS wording tweaks
gpshead Oct 18, 2022
4f1b535
Reword the NEWS entry again.
gpshead Oct 20, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Reword the NEWS entry again.
  • Loading branch information
@gpshead
gpshead committed Oct 20, 2022
commit 4f1b535a015d23b1bd4c61a76b070d94e941e632
25 changes: 12 additions & 13 deletions Misc/NEWS.d/next/Security/2022-09-07-10-42-00.gh-issue-97514.Yggdsl.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,15 @@
On Linux the :mod:`multiprocessing` module, when configured by code to use the
``"forkserver"`` start method, has switched back to using filesystem backed
unix domain sockets by default for communication with the *forkserver* process.
No longer using Linux's abstract socket namespace by default. Abstract sockets
have no permissions and could allow any user on the system in the same `network
namespace <https://man7.org/linux/man-pages/man7/network_namespaces.7.html>`_
(often the whole system) to inject code into the multiprocessing *forkserver*
process as a potential privilege escalation. Filesystem based socket
permissions are restricted to the *forkserver* process user as in Python 3.8
On Linux the :mod:`multiprocessing` module returns to using filesystem backed
unix domain sockets for communication with the *forkserver* process instead of
the Linux abstract socket namespace. Only code that chooses to use the
:ref:`"forkserver" start method <multiprocessing-start-methods>` is affected.

Abstract sockets have no permissions and could allow any user on the system in
the same `network namespace
<https://man7.org/linux/man-pages/man7/network_namespaces.7.html>`_ (often the
whole system) to inject code into the multiprocessing *forkserver* process.
This was a potential privilege escalation. Filesystem based socket permissions
restrict this to the *forkserver* process user as was the default in Python 3.8
and earlier.

This prevents Linux `CVE-2022-42919
<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919>`_ in code that
chooses to use the *forkserver* start method as documented in
:ref:`multiprocessing contexts and start methods
<multiprocessing-start-methods>`.
<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919>`_.