Python security issues

...a lightning talk at PyCon PL 2019

(14/09/2019)

​

by Disconnect3d

​

​

https://bugs.python.org/

https://bugs.python.org/

Who has ever �been there?

https://bugs.python.org/

Who has ever �been there?

As of today there �are 61 open “security” issues

I looked at *some*�of them

https://bugs.python.org/issue36022

https://bugs.python.org/issue36022

TLDR: it’s about logging.config.listen()

...which listens on 127.0.0.1:PORT�And may use eval on the input

https://bugs.python.org/issue35278

​

https://bugs.python.org/issue35278

​

TLDR:� tempfile.NamedTemporaryFile(prefix=..., suffix=...)�

...both kwargs allows path traversing

(so you can create a temporary file anywhere)

https://bugs.python.org/issue34915

​

​

https://bugs.python.org/issue34915

​

TLDR:�Another users [on the machine] can steal your�saved cookies :(

​

* or through a path traversal attack...

​

​

https://bugs.python.org/issue33213

​

https://bugs.python.org/issue33213

​

TLDR:�Be careful with crypt.crypt(...) on MacOS !

​

​

https://bugs.python.org/issue33213

​

TLDR:�Be careful with crypt.crypt(...) on MacOS !

​

​

https://bugs.python.org/issue33213

​

TLDR:�Be careful with crypt.crypt(...) on MacOS !

​

​

^DEMO

???

Python interpreter uses whatever libreadline library it founds, even in a current dir…

​

* Found in the tracker, couldn’t find the issue number...

???

Python interpreter uses whatever libreadline library it founds, even in a current dir…

​

* Found in the tracker, couldn’t find the issue number...

???

Python interpreter uses whatever libreadline library it founds, even in a current dir…

​

* Found in the tracker, couldn’t find the issue number...

Let’s demo

And that’s all, thanks o/

​

​

See also

https://bugs.python.org/

;)

by Disconnect3d

​

slides will be at https://disconnect3d.pl/talks