This issue tracker has been migrated to GitHub ,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2010年07月05日 16:20 by alfmel, last changed 2022年04月11日 14:57 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| smtpd.py-0.2-setuid-fix.diff | alfmel, 2010年07月05日 16:20 | Fix setuid/bind order patch | ||
| smtpd.py-0.2-setuid-fix_v2.diff | petri.lehtinen, 2011年10月20日 08:59 | Fix setuid/bind order | ||
| Messages (6) | |||
|---|---|---|---|
| msg109336 - (view) | Author: Alberto Trevino (alfmel) | Date: 2010年07月05日 16:20 | |
The SMTP proxy server in Python (smtpd.py) allows you to shed privileges and run as user nobody. However, if you are trying to use port 25, the server will shed privileges before binding the port, causing a bind failure. By moving the setuid code between the creation of the proxy server and the aysncore loop, we can bind a port below 1024 and run as nobody. |
|||
| msg113940 - (view) | Author: Alberto Trevino (alfmel) | Date: 2010年08月15日 04:10 | |
I haven't heard anything on this problem or my patch. What's the status? |
|||
| msg146012 - (view) | Author: Petri Lehtinen (petri.lehtinen) * (Python committer) | Date: 2011年10月20日 08:59 | |
The patch looks good to me and fixes the problem. To reproduce, try this: sudo python -m smtpd 127.0.0.1:25 It raises a "socket.error: [Errno 13] Permission denied" when trying to bind to the privileged port. Attached a refreshed the patch that applies cleanly on top of current 2.7 branch. |
|||
| msg146052 - (view) | Author: Roundup Robot (python-dev) (Python triager) | Date: 2011年10月20日 21:15 | |
New changeset 7d92b94b0eec by Florent Xicluna in branch '3.2': Issue #9168: now smtpd is able to bind privileged port. http://hg.python.org/cpython/rev/7d92b94b0eec New changeset bbd92b42508e by Florent Xicluna in branch 'default': Issue #9168: now smtpd is able to bind privileged port. http://hg.python.org/cpython/rev/bbd92b42508e |
|||
| msg146053 - (view) | Author: Roundup Robot (python-dev) (Python triager) | Date: 2011年10月20日 21:22 | |
New changeset d2f303861c98 by Florent Xicluna in branch '2.7': Issue #9168: now smtpd is able to bind privileged port. http://hg.python.org/cpython/rev/d2f303861c98 |
|||
| msg146054 - (view) | Author: Florent Xicluna (flox) * (Python committer) | Date: 2011年10月20日 21:30 | |
Fixed. Thank you for the patch. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022年04月11日 14:57:03 | admin | set | github: 53414 |
| 2011年10月20日 21:30:32 | flox | set | status: open -> closed nosy: + flox messages: + msg146054 resolution: fixed stage: patch review -> resolved |
| 2011年10月20日 21:22:25 | python-dev | set | messages: + msg146053 |
| 2011年10月20日 21:15:43 | python-dev | set | nosy:
+ python-dev messages: + msg146052 |
| 2011年10月20日 08:59:55 | petri.lehtinen | set | files:
+ smtpd.py-0.2-setuid-fix_v2.diff versions: - Python 3.1 nosy: + petri.lehtinen messages: + msg146012 |
| 2011年02月04日 01:21:19 | eric.araujo | set | keywords:
+ needs review nosy: barry, giampaolo.rodola, alfmel versions: + Python 2.7, Python 3.2, Python 3.3 type: crash -> behavior stage: patch review |
| 2010年08月15日 04:10:33 | alfmel | set | messages: + msg113940 |
| 2010年08月06日 00:26:36 | alfmel | set | type: crash versions: + Python 3.1, - Python 3.2 |
| 2010年07月05日 17:27:32 | giampaolo.rodola | set | nosy:
+ giampaolo.rodola |
| 2010年07月05日 16:20:39 | alfmel | create | |