diff options
| author | Eric Snow <ericsnowcurrently@gmail.com> | 2022-10-31 19:35:54 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-10-31 19:35:54 (GMT) |
| commit | 4702552885811d0af8f0e4545f494336801ad4dd (patch) | |
| tree | a8d24ed97f3e4561bf79ce6d27bd46cba2ecb303 /Modules/posixmodule.c | |
| parent | 3b86538661038ee23d0be80bb7593e2e7856f059 (diff) | |
| download | cpython-4702552885811d0af8f0e4545f494336801ad4dd.zip cpython-4702552885811d0af8f0e4545f494336801ad4dd.tar.gz cpython-4702552885811d0af8f0e4545f494336801ad4dd.tar.bz2 | |
gh-98610: Adjust the Optional Restrictions on Subinterpreters (GH-98618)
Previously, the optional restrictions on subinterpreters were: disallow fork, subprocess, and threads. By default, we were disallowing all three for "isolated" interpreters. We always allowed all three for the main interpreter and those created through the legacy `Py_NewInterpreter()` API.
Those settings were a bit conservative, so here we've adjusted the optional restrictions to: fork, exec, threads, and daemon threads. The default for "isolated" interpreters disables fork, exec, and daemon threads. Regular threads are allowed by default. We continue always allowing everything For the main interpreter and the legacy API.
In the code, we add `_PyInterpreterConfig.allow_exec` and `_PyInterpreterConfig.allow_daemon_threads`. We also add `Py_RTFLAGS_DAEMON_THREADS` and `Py_RTFLAGS_EXEC`.
Diffstat (limited to 'Modules/posixmodule.c')
| -rw-r--r-- | Modules/posixmodule.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/Modules/posixmodule.c b/Modules/posixmodule.c index a5eb866..d863f9f 100644 --- a/Modules/posixmodule.c +++ b/Modules/posixmodule.c @@ -5773,6 +5773,13 @@ os_execv_impl(PyObject *module, path_t *path, PyObject *argv) EXECV_CHAR **argvlist; Py_ssize_t argc; + PyInterpreterState *interp = _PyInterpreterState_GET(); + if (!_PyInterpreterState_HasFeature(interp, Py_RTFLAGS_EXEC)) { + PyErr_SetString(PyExc_RuntimeError, + "exec not supported for isolated subinterpreters"); + return NULL; + } + /* execv has two arguments: (path, argv), where argv is a list or tuple of strings. */ @@ -5839,6 +5846,13 @@ os_execve_impl(PyObject *module, path_t *path, PyObject *argv, PyObject *env) EXECV_CHAR **envlist; Py_ssize_t argc, envc; + PyInterpreterState *interp = _PyInterpreterState_GET(); + if (!_PyInterpreterState_HasFeature(interp, Py_RTFLAGS_EXEC)) { + PyErr_SetString(PyExc_RuntimeError, + "exec not supported for isolated subinterpreters"); + return NULL; + } + /* execve has three arguments: (path, argv, env), where argv is a list or tuple of strings and env is a dictionary like posix.environ. */ |