cpython.git - https://github.com/python/cpython.git

diff options

author	Gregory P. Smith <greg@krypto.org>	2022-10-20 22:30:09 (GMT)
committer	GitHub <noreply@github.com>	2022-10-20 22:30:09 (GMT)
commit	49f61068f49747164988ffc5a442d2a63874fc17 (patch)
tree	48001da7207b0a087954e2007d544d2adcbb470a /Include/cpython
parent	39bc70e267929600057d62103739b7160e69dc8b (diff)
download	cpython-49f61068f49747164988ffc5a442d2a63874fc17.zip cpython-49f61068f49747164988ffc5a442d2a63874fc17.tar.gz cpython-49f61068f49747164988ffc5a442d2a63874fc17.tar.bz2

gh-97514: Don't use Linux abstract sockets for multiprocessing (#98501)

Linux abstract sockets are insecure as they lack any form of filesystem permissions so their use allows anyone on the system to inject code into the process. This removes the default preference for abstract sockets in multiprocessing introduced in Python 3.9+ via https://github.com/python/cpython/pull/18866 while fixing https://github.com/python/cpython/issues/84031. Explicit use of an abstract socket by a user now generates a RuntimeWarning. If we choose to keep this warning, it should be backported to the 3.7 and 3.8 branches.

Diffstat (limited to 'Include/cpython')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: