[issue25565] subprocess.Popen creates inheritable file descriptors on Windows, can leak to other child processes

[Stéphane Wirtel]

Stéphane Wirtel added the comment:

yep, maybe, because in the other issue, it's about a race condition. similar.

--
nosy: +matrixise

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue25565] subprocess.Popen creates inheritable file descriptors on Windows, can leak to other child processes

[R. David Murray]

R. David Murray added the comment:

This looks like a duplicate of issue 24909?

--
nosy: +r.david.murray

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue25565] subprocess.Popen creates inheritable file descriptors on Windows, can leak to other child processes

[eryksun]

Changes by eryksun :


--
resolution:  -> duplicate
stage:  -> resolved
status: open -> closed
superseder:  -> Windows: subprocess.Popen: race condition for leaking 
inheritable handles

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue25565] subprocess.Popen creates inheritable file descriptors on Windows, can leak to other child processes

[Stéphane Wirtel]

Stéphane Wirtel added the comment:

I don't have the right to close it. can you close it ?

Thanks

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue25565] subprocess.Popen creates inheritable file descriptors on Windows, can leak to other child processes

[Jack O'Connor]

Jack O'Connor added the comment:

Definitely a duplicate, thanks for pointing me to the original. Should I mark 
it resolved, or let someone from the project do that?

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue25565] subprocess.Popen creates inheritable file descriptors on Windows, can leak to other child processes

[Jack O'Connor]

New submission from Jack O'Connor:

The Windows implementation of Popen calls _make_inheritable(), which creates 
inheritable copies of Popen's file descriptors. If two Popen calls happen at 
the same time on different threads, these descriptors can leak to both child 
processes. Here's a demonstration of a deadlock caused by this bug:

https://gist.github.com/oconnor663/b1d39d58b232fc627d84

Victor Stinner also wrote up a summary of the security issues associated with 
leaking file descriptors in PEP 0446.

A workaround for this issue is to protect all Popen calls with a lock. Calls to 
wait() and communicate() don't need to be protected, so you can release the 
lock before you make those blocking calls. I don't see a way to safely use 
run() or the other convenience functions, if you're using pipes and multiple 
threads. Unfortunately close_fds=True is not allowed on Windows when any of 
stdin/stdout/stderr are set, which is going the be the case here.

Would it be feasible for Popen.__init__() to automatically protect the 
inheritable copies it creates, with a lock around that section? We already have 
the _waitpid_lock for POSIX, so it seems like thread safety is a goal.

--
components: Library (Lib)
messages: 254168
nosy: oconnor663
priority: normal
severity: normal
status: open
title: subprocess.Popen creates inheritable file descriptors on Windows, can 
leak to other child processes
type: security
versions: Python 3.5

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com