[PATCH v1] shebang: restrict python interactive prompt/interpreter

Tetsuo Handa penguin-kernel at I-love.SAKURA.ne.jp
Fri Jun 9 23:04:32 UTC 2017


Matt Brown wrote:
> what does everyone think about an envp_blacklist option that is a list of
> environmental variables that will be stripped from exec calls. This can
> be done in the LSM hook bprm_check_security.

Stripping argv[0] can be done by remove_arg_zero(). But stripping specific
environmental variables is a bit more complicated than you would think. You
can see tomoyo_environ() for how to whitelist environmental variable names.

> 
> Is there any reason on a hardened system why you would need the
> PYTHONINSPECT environmental variable?

TOMOYO and CaitSith try to check such factors (e.g. argv/envp as well as
pathname manipulations).

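Added example, not part of the original message and not TOMOYO or kernel code: a userspace C sketch of the two envp filtering policies discussed in this thread, a name denylist (the proposed envp_blacklist) and a name allowlist. The function names and the sample environment are constructed for illustration; the point is that matching has to compare the whole name up to '=' and has to cover duplicate and malformed entries.

```c
/* Added example: userspace sketch of envp name filtering (not kernel/TOMOYO code). */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* 1 if the entry's name (bytes before the first '=') is exactly `name`; 0 if no '='. */
static int env_name_is(const char *entry, const char *name)
{
    const char *eq = strchr(entry, '=');
    size_t len = strlen(name);
    return eq && (size_t)(eq - entry) == len && memcmp(entry, name, len) == 0;
}

static int name_listed(const char *entry, const char *const *names)
{
    for (; *names; names++)
        if (env_name_is(entry, *names))
            return 1;
    return 0;
}

/* allow_mode=1 keeps only listed names; allow_mode=0 drops listed names.
 * Returns a new NULL-terminated array aliasing the input strings. */
char **filter_envp(char *const *envp, const char *const *names, int allow_mode)
{
    size_t n = 0, out = 0;
    char **res;
    while (envp[n])
        n++;
    if (!(res = calloc(n + 1, sizeof(*res))))
        return NULL;
    for (size_t i = 0; i < n; i++)
        if (name_listed(envp[i], names) == allow_mode)
            res[out++] = envp[i];
    return res;
}

int main(void)
{
    /* Constructed sample environment with a duplicate and a look-alike name. */
    char *env[] = { "PATH=/usr/bin", "PYTHONINSPECT=1", "PYTHONINSPECT_X=1",
                    "PYTHONINSPECT=", "LANG=C", NULL };
    const char *deny[] = { "PYTHONINSPECT", NULL };
    char **out = filter_envp(env, deny, 0);
    for (char **p = out; p && *p; p++)
        puts(*p);
    free(out);
    return 0;
}
```

In deny mode an entry without '=' passes through untouched, while in allow mode it is dropped, which is one reason an allowlist gives the more predictable result.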

