ALT Linux repos
Group :: Development/Python
RPM: python
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
Patch: python-ignore-env-trust-security.patch
Download
Download
--- Python/Python/pythonrun.c 2018-09-20 18:19:48.344999694 +0300
+++ Python/Python/new_pythonrun.c 2018-09-21 09:30:08.836946948 +0300
@@ -18,6 +18,7 @@
#include "eval.h"
#include "marshal.h"
#include "abstract.h"
+#include <sys/stat.h>
#ifdef HAVE_SIGNAL_H
#include <signal.h>
@@ -91,11 +92,23 @@
int Py_NoUserSiteDirectory = 0; /* for -s and site.py */
int Py_HashRandomizationFlag = 0; /* for -R and PYTHONHASHSEED */
+static const char *trust_path = "/etc/alt/security/python-trust";
+
/* Hack to force loading of object files */
int (*_PyOS_mystrnicmp_hack)(const char *, const char *, Py_ssize_t) = \
PyOS_mystrnicmp; /* Python/pystrcmp.o */
+void
+get_py_trust(int *Py_IgnoreEnvironmentFlag)
+{
+ struct stat buffer;
+ int exist = stat(trust_path, &buffer);
+
+ if (exist == 0)
+ *Py_IgnoreEnvironmentFlag = 1;
+}
+
/* PyModule_GetWarningsModule is no longer necessary as of 2.6
since _warnings is builtin. This API should not be used. */
PyObject *
@@ -378,6 +391,7 @@
void
Py_Initialize(void)
{
+ get_py_trust(&Py_IgnoreEnvironmentFlag);
Py_InitializeEx(1);
}