mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-10-03 21:55:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 12

bpo-39498 Start linking the security warnings in the stdlib modules (GH-18272) (GH-27699)

Browse source 
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
(cherry picked from commit c5c5326d47)

Co-authored-by: Anthony Shaw <anthony.p.shaw@gmail.com>
This commit is contained in:
Miss Islington (bot) 2021-08-10 00:51:33 -07:00 committed by GitHub
parent 395f4c7fbf
commit fcbe8c63d7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 45 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Doc/library/hashlib.rst
View file

@ -80,6 +80,8 @@ library that Python uses on your platform. On most platforms the
.. versionadded:: 3.6 .. versionadded:: 3.6
:func:`blake2b` and :func:`blake2s` were added. :func:`blake2b` and :func:`blake2s` were added.
.. _hashlib-usedforsecurity:
.. versionchanged:: 3.9 .. versionchanged:: 3.9
All hashlib constructors take a keyword-only argument *usedforsecurity* All hashlib constructors take a keyword-only argument *usedforsecurity*
with default value ``True``. A false value allows the use of insecure and with default value ``True``. A false value allows the use of insecure and

1
Doc/library/index.rst
View file

@ -76,3 +76,4 @@ the `Python Package Index <https://pypi.org>`_.
unix.rst unix.rst
superseded.rst superseded.rst
undoc.rst undoc.rst
security_warnings.rst

2
Doc/library/logging.config.rst
View file

@ -147,6 +147,8 @@ in :mod:`logging` itself) and defining handlers which are declared either in
send it to the socket as a sequence of bytes preceded by a four-byte length send it to the socket as a sequence of bytes preceded by a four-byte length
string packed in binary using ``struct.pack('>L', n)``. string packed in binary using ``struct.pack('>L', n)``.
.. _logging-eval-security:
.. note:: .. note::
Because portions of the configuration are passed through Because portions of the configuration are passed through

1
Doc/library/multiprocessing.rst
View file

@ -1187,6 +1187,7 @@ For example:
>>> arr2 >>> arr2
array('i', [0, 1, 2, 3, 4, 0, 0, 0, 0, 0]) array('i', [0, 1, 2, 3, 4, 0, 0, 0, 0, 0])
.. _multiprocessing-recv-pickle-security:
.. warning:: .. warning::

32
Doc/library/security_warnings.rst Normal file
View file

@ -0,0 +1,32 @@
.. _security-warnings:
.. index:: single: security considerations
Security Considerations
=======================
The following modules have specific security considerations:
* :mod:`cgi`: :ref:`CGI security considerations <cgi-security>`
* :mod:`hashlib`: :ref:`all constructors take a "usedforsecurity" keyword-only
argument disabling known insecure and blocked algorithms
<hashlib-usedforsecurity>`
* :mod:`http.server` is not suitable for production use, only implementing
basic security checks
* :mod:`logging`: :ref:`Logging configuration uses eval()
<logging-eval-security>`
* :mod:`multiprocessing`: :ref:`Connection.recv() uses pickle
<multiprocessing-recv-pickle-security>`
* :mod:`pickle`: :ref:`Restricting globals in pickle <pickle-restrict>`
* :mod:`random` shouldn't be used for security purposes, use :mod:`secrets`
instead
* :mod:`shelve`: :ref:`shelve is based on pickle and thus unsuitable for
dealing with untrusted sources <shelve-security>`
* :mod:`ssl`: :ref:`SSL/TLS security considerations <ssl-security>`
* :mod:`subprocess`: :ref:`Subprocess security considerations
<subprocess-security>`
* :mod:`tempfile`: :ref:`mktemp is deprecated due to vulnerability to race
conditions <tempfile-mktemp-deprecated>`
* :mod:`xml`: :ref:`XML vulnerabilities <xml-vulnerabilities>`
* :mod:`zipfile`: :ref:`maliciously prepared .zip files can cause disk volume
exhaustion <zipfile-resources-limitations>`

2
Doc/library/shelve.rst
View file

@ -49,6 +49,8 @@ lots of shared sub-objects. The keys are ordinary strings.
with shelve.open('spam') as db: with shelve.open('spam') as db:
db['eggs'] = 'eggs' db['eggs'] = 'eggs'
.. _shelve-security:
.. warning:: .. warning::
Because the :mod:`shelve` module is backed by :mod:`pickle`, it is insecure Because the :mod:`shelve` module is backed by :mod:`pickle`, it is insecure

1
Doc/library/subprocess.rst
View file

@ -683,6 +683,7 @@ Exceptions defined in this module all inherit from :exc:`SubprocessError`.
.. versionadded:: 3.3 .. versionadded:: 3.3
The :exc:`SubprocessError` base class was added. The :exc:`SubprocessError` base class was added.
.. _subprocess-security:
Security Considerations Security Considerations
----------------------- -----------------------

1
Doc/library/tempfile.rst
View file

@ -315,6 +315,7 @@ Here are some examples of typical usage of the :mod:`tempfile` module::
>>> >>>
# directory and contents have been removed # directory and contents have been removed
.. _tempfile-mktemp-deprecated:
Deprecated functions and variables Deprecated functions and variables
---------------------------------- ----------------------------------

2
Doc/library/zipfile.rst
View file

@ -848,6 +848,8 @@ Exceeding limitations on different file systems can cause decompression failed.
Such as allowable characters in the directory entries, length of the file name, Such as allowable characters in the directory entries, length of the file name,
length of the pathname, size of a single file, and number of files, etc. length of the pathname, size of a single file, and number of files, etc.
.. _zipfile-resources-limitations:
Resources limitations Resources limitations
~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~

1
Misc/NEWS.d/next/Documentation/2020-01-30-05-18-48.bpo-39498.Nu3sFL.rst Normal file
View file

@ -0,0 +1 @@
Add a "Security Considerations" index which links to standard library modules that have explicitly documented security considerations.