cpython/Lib
Gregory P. Smith 7191b7662e
gh-97514: Authenticate the forkserver control socket. (GH-99309)
This adds authentication to the forkserver control socket. In the past only filesystem permissions protected this socket from code injection into the forkserver process by limiting access to the same UID, which didn't exist when Linux abstract namespace sockets were used (see issue), meaning that any process in the same system network namespace could inject code. We've since stopped using abstract namespace sockets by default, but protecting our control sockets regardless of type is a good idea.

This reuses the HMAC based shared key auth already used by `multiprocessing.connection` sockets for other purposes.

Doing this is useful so that filesystem permissions are not relied upon and trust isn't implied by default between all processes running as the same UID with access to the unix socket.

### pyperformance benchmarks

No significant changes. Including `concurrent_imap` which exercises `multiprocessing.Pool.imap` in that suite.

### Microbenchmarks

This does _slightly_ slow down forkserver use. How much so appears to depend on the platform. Modern platforms and simple platforms are less impacted. This PR adds additional IPC round trips to the control socket to tell forkserver to spawn a new process. Systems with potentially high latency IPC are naturally impacted more.

Typically a 1-4% slowdown on a very targeted process creation microbenchmark, with a worst case overloaded system slowdown of 20%. No evidence that these slowdowns appear in a practical sense. See the PR for details.
2024-11-20 08:18:58 -08:00
__phello__
_pyrepl gh-126456: Fix _pyrepl curses tigetstr() (#126472) 2024-11-13 17:46:10 +01:00
asyncio gh-126353: remove implicit creation of loop from asyncio.get_event_loop (#126354) 2024-11-04 14:21:20 +05:30
collections gh-125245: Fix race condition when importing collections.abc (#125415) 2024-10-24 18:12:51 -04:00
concurrent gh-125864: Propagate pickle.loads() failures in InterpreterPoolExecutor (gh-125898) 2024-10-24 10:51:45 -06:00
ctypes gh-126615: ctypes: Make COMError public (GH-126686) 2024-11-20 12:53:43 +00:00
curses gh-120417: Add #noqa to used imports in the stdlib (#120421) 2024-06-13 16:14:50 +02:00
dbm gh-120417: Remove unused imports in the stdlib (#120420) 2024-06-12 20:56:42 +02:00
email gh-124452: Fix header mismatches when folding/unfolding with email message (#125919) 2024-11-16 18:01:52 -05:00
encodings gh-123803: Support arbitrary code page encodings on Windows (GH-123804) 2024-11-18 17:45:25 +00:00
ensurepip gh-126188: Update bundled pip to 24.3.1 (gh-126805) 2024-11-13 20:58:57 +00:00
html
http gh-126156: Improve performance of creating Morsel objects (#126157) 2024-10-31 12:05:40 -07:00
idlelib Fix idlelib typos (#125484) 2024-10-14 17:11:58 -04:00
importlib GH-126606: don't write incomplete pyc files (GH-126627) 2024-11-13 21:39:10 +00:00
json gh-125660: Reject invalid unicode escapes for Python implementation of JSON decoder (GH-125683) 2024-10-18 15:29:47 +03:00
logging gh-124653: Relax (again) detection of queue API for logging handlers (GH-124897) 2024-10-07 19:42:19 +01:00
multiprocessing gh-97514: Authenticate the forkserver control socket. (GH-99309) 2024-11-20 08:18:58 -08:00
pathlib pathlib ABCs: tighten up resolve() and absolute() (#126611) 2024-11-09 18:47:49 +00:00
pydoc_data Python 3.14.0a2 2024-11-19 16:52:44 +02:00
re gh-126505: Fix bugs in compiling case-insensitive character classes (GH-126557) 2024-11-11 18:27:26 +02:00
site-packages
sqlite3 gh-91818: Use default program name in the CLI of many modules (GH-124867) 2024-10-10 00:20:53 +03:00
sysconfig GH-126920: fix Makefile overwriting sysconfig.get_config_vars 2024-11-17 01:56:01 +00:00
test gh-97514: Authenticate the forkserver control socket. (GH-99309) 2024-11-20 08:18:58 -08:00
tkinter gh-124111: Update tkinter for compatibility with Tcl/Tk 9.0.0 (GH-124156) 2024-11-14 12:45:08 -06:00
tomllib gh-126175: Add attributes to TOMLDecodeError. Deprecate free-form __init__ args (GH-126428) 2024-11-13 13:52:16 +01:00
turtledemo gh-125665: Update turtledemo docstrings with correct file names (#125691) 2024-10-23 16:29:32 -04:00
unittest gh-104745: Limit starting a patcher more than once without stopping it (#126649) 2024-11-13 08:20:38 +00:00
urllib GH-85168: Use filesystem encoding when converting to/from file URIs (#126852) 2024-11-19 21:19:30 +00:00
venv gh-124651: Quote template strings in venv activation scripts (GH-124712) 2024-10-21 21:48:04 +01:00
wsgiref gh-126133: Only use start year in PSF copyright, remove end years (#126236) 2024-11-12 15:59:19 +02:00
xml Fix typos in comments and test code (#122846) 2024-08-11 21:16:41 -07:00
xmlrpc gh-120485: Add an override of allow_reuse_port on classes subclassing socketserver.TCPServer (GH-120488) 2024-06-16 13:15:03 +01:00
zipfile gh-126565: Skip zipfile.Path.exists check in write mode (#126576) 2024-11-10 09:57:24 -05:00
zoneinfo gh-106233: Fix stacklevel in zoneinfo.InvalidTZPathWarning (GH-106234) 2024-02-06 15:08:56 +02:00
__future__.py
__hello__.py
_aix_support.py
_android_support.py gh-125942: Android: set stdout to errors="backslashreplace" (#125943) 2024-10-25 08:35:41 +08:00
_collections_abc.py gh-116938: Clarify documentation of dict and dict.update regarding the positional argument they accept (#125213) 2024-10-11 23:05:13 +00:00
_colorize.py gh-117225: Move colorize functionality to own internal module (#118283) 2024-05-01 12:27:06 -06:00
_compat_pickle.py
_compression.py
_ios_support.py gh-119253: use ImportError in _ios_support (#119254) 2024-05-20 16:39:30 -04:00
_markupbase.py
_opcode_metadata.py GH-125837: Split LOAD_CONST into three. (GH-125972) 2024-10-29 11:15:42 +00:00
_osx_support.py gh-102362: Fix macOS version number in result of sysconfig.get_platform() (GH-112942) 2023-12-18 18:51:58 -05:00
_py_abc.py
_pydatetime.py gh-126947: Typechecking for _pydatetime.timedelta.__new__ arguments (#126949) 2024-11-19 22:40:52 +03:00
_pydecimal.py gh-121798: Add class method Decimal.from_number() (GH-121801) 2024-10-14 08:24:01 +00:00
_pyio.py gh-120754: _io Ensure stat cache is cleared on fd change (#125166) 2024-11-01 22:50:49 +01:00
_pylong.py Fix typos in comments and test code (#122846) 2024-08-11 21:16:41 -07:00
_sitebuiltins.py
_strptime.py gh-53203: Fix strptime() for %c, %x and %X formats on many locales (GH-125406) 2024-10-14 16:29:20 +03:00
_threading_local.py
_weakrefset.py gh-89967: make WeakKeyDictionary and WeakValueDictionary thread safe (#125325) 2024-10-13 21:05:05 +05:30
abc.py
annotationlib.py gh-125614: annotationlib: Fix bug where not all Stringifiers are converted (#125635) 2024-10-23 16:27:55 -07:00
antigravity.py
argparse.py gh-117941: Reject option names starting with "--no-" in argparse.BooleanOptionalAction (GH-125894) 2024-11-11 18:28:30 +02:00
ast.py gh-91818: Use default program name in the CLI of many modules (GH-124867) 2024-10-10 00:20:53 +03:00
base64.py gh-118673: Remove shebang and executable bits from stdlib modules. (#119658) 2024-05-29 12:43:19 -04:00
bdb.py gh-58956: Set f_trace on frames with breakpoints after setting a new breakpoint (#124454) 2024-10-15 15:56:33 -04:00
bisect.py
bz2.py gh-115961: Add name and mode attributes for compressed file-like objects (GH-116036) 2024-04-21 11:46:39 +03:00
calendar.py gh-126476: Raise IllegalMonthError for calendar.formatmonth() when the input month is not correct (GH-126484) 2024-11-15 11:03:06 -08:00
cmd.py Remove almost all unpaired backticks in docstrings (#119231) 2024-05-22 12:35:18 -04:00
code.py gh-125666: Avoid PyREPL exiting when a null byte is in input (#125732) 2024-10-27 01:23:53 +00:00
codecs.py gh-121785: Remove unused code from codecs.py (GH-121787) 2024-07-15 17:18:37 +00:00
codeop.py gh-124960: Fixed barry_as_FLUFL future flag does not work in new REPL (#124999) 2024-10-14 15:53:50 +02:00
colorsys.py gh-121905: Consistently use "floating-point" instead of "floating point" (GH-121907) 2024-07-19 08:06:02 +00:00
compileall.py gh-117205: Increase chunksize when compiling pyc in parallel (#117206) 2024-04-03 15:24:24 -07:00
configparser.py gh-123049: configparser: Allow to create the unnamed section from scratch. (#123077) 2024-08-18 15:52:25 -04:00
contextlib.py gh-103791: handle BaseExceptionGroup in contextlib.suppress() (#111910) 2023-11-10 13:32:36 +00:00
contextvars.py gh-126451: Register contextvars.Context to collections.abc.Mapping (#126452) 2024-11-07 01:12:45 +03:00
copy.py gh-125767: Fix pickling and copying of super objects (GH-125781) 2024-10-21 21:30:45 +03:00
copyreg.py gh-125767: Fix pickling and copying of super objects (GH-125781) 2024-10-21 21:30:45 +03:00
cProfile.py gh-118673: Remove shebang and executable bits from stdlib modules. (#119658) 2024-05-29 12:43:19 -04:00
csv.py gh-121905: Consistently use "floating-point" instead of "floating point" (GH-121907) 2024-07-19 08:06:02 +00:00
dataclasses.py gh-118974: Add decorator argument to make_dataclass (gh-122723) 2024-10-01 09:51:51 -04:00
datetime.py gh-123843: Remove broken links to the Zope DateTimeWiki (#123846) 2024-09-08 22:39:23 -04:00
decimal.py gh-123339: Fix cases of inconsistency of __module__ and __firstlineno__ in classes (GH-123613) 2024-09-28 20:51:49 +03:00
difflib.py gh-115801: Only allow sequence of strings as input for difflib.unified_diff (GH-118333) 2024-06-10 14:06:18 +03:00
dis.py gh-126072: do not add None to co_consts if there is no docstring (GH-126101) 2024-10-30 09:01:09 +00:00
doctest.py gh-120254: Add a commands argument to pdb.set_trace (#120255) 2024-09-24 12:52:15 -07:00
enum.py gh-125259: Fix error notes removal in enum initialization (GH-125647) 2024-10-22 13:42:22 -07:00
filecmp.py gh-122400: Handle ValueError in filecmp (GH-122401) 2024-07-30 08:50:30 +00:00
fileinput.py Use bool in fileinput.input() docstring and tests for the inplace argument (GH-111998) 2024-01-27 23:47:55 +02:00
fnmatch.py GH-72904: Add glob.translate() function (#106703) 2023-11-13 17:15:56 +00:00
fractions.py gh-121797: Add class method Fraction.from_number() (GH-121800) 2024-10-14 07:54:59 +00:00
ftplib.py Remove almost all unpaired backticks in docstrings (#119231) 2024-05-22 12:35:18 -04:00
functools.py gh-126133: Only use start year in PSF copyright, remove end years (#126236) 2024-11-12 15:59:19 +02:00
genericpath.py gh-117114: Make os.path.isdevdrive available on all platforms (GH-117115) 2024-03-25 22:55:11 +00:00
getopt.py gh-126390: Support for preserving order of options and nonoption arguments in gnu_getopt() (GH-126393) 2024-11-13 22:50:46 +02:00
getpass.py gh-76912: Raise OSError from any failure in getpass.getuser() (#29739) 2023-11-27 10:05:55 -08:00
gettext.py Fix old-style print statement in gettext comments (#122939) 2024-08-12 18:15:57 +03:00
glob.py GH-125413: pathlib ABCs: use scandir() to speed up glob() (#126261) 2024-11-01 17:48:58 +00:00
graphlib.py gh-115238: Remove a redundant f-string in graphlib (#115239) 2024-09-01 06:12:53 +01:00
gzip.py gh-125260: Change the default `gzip.compress()` mtime to 0 (#125261) 2024-10-12 18:18:48 +01:00
hashlib.py Fix typos in warnings, docstrings, comments and text files (#123597) 2024-09-03 02:20:40 +02:00
heapq.py gh-119721: Integrate documentation fixes into heapq module docstring. (gh-119722) 2024-05-29 11:39:34 -05:00
hmac.py gh-112999: Replace the outdated "deprecated" directives with "versionchanged" (GH-113000) 2023-12-12 18:31:04 +02:00
imaplib.py Remove almost all unpaired backticks in docstrings (#119231) 2024-05-22 12:35:18 -04:00
inspect.py gh-70764: inspect.getclosurevars now identifies global variables with LOAD_GLOBAL (#120143) 2024-11-05 15:53:54 -08:00
io.py gh-111356: io: Add missing documented objects to io.__all__ (#111370) 2023-11-10 16:18:52 +09:00
ipaddress.py gh-124217, ipaddress: Add RFC 9637 reserved IPv6 block 3fff::/20 (#124240) 2024-09-20 11:01:28 +00:00
keyword.py
linecache.py gh-122170: Handle ValueError raised by os.stat() in linecache (GH-122176) 2024-07-27 10:10:42 +00:00
locale.py gh-91565: Replace bugs.python.org links with Devguide/GitHub ones (GH-91568) 2024-04-01 13:02:07 +00:00
lzma.py gh-120417: Add #noqa to used imports in the stdlib (#120421) 2024-06-13 16:14:50 +02:00
mailbox.py gh-117467: Add preserving of mailbox owner on flush (GH-117510) 2024-04-04 13:32:53 +03:00
mimetypes.py gh-85957: Add missing MIME types for images with RFCs (#126966) 2024-11-18 20:13:20 +02:00
modulefinder.py gh-114099 - Add iOS framework loading machinery. (GH-116454) 2024-03-19 08:36:19 -04:00
netrc.py
ntpath.py gh-119826: Improved fallback for ntpath.abspath() on Windows (GH-119938) 2024-11-12 21:18:03 +00:00
nturl2path.py GH-126766: url2pathname(): handle empty authority section. (#126767) 2024-11-14 20:22:14 +00:00
numbers.py
opcode.py GH-118093: Specialize CALL_KW (GH-123006) 2024-08-16 17:11:24 +01:00
operator.py gh-115808: Add `is_none` and `is_not_none` to `operator` (#115814) 2024-08-10 20:16:34 +01:00
optparse.py gh-126133: Only use start year in PSF copyright, remove end years (#126236) 2024-11-12 15:59:19 +02:00
os.py gh-120057: Add os.reload_environ() function (#126268) 2024-11-05 08:43:34 +01:00
pdb.py Fixed a few type mismatches in pdb (#125952) 2024-10-25 00:17:58 -04:00
pickle.py gh-126489: Do not call persistent_id() for a persistent id in Python pickle (GH-126490) 2024-11-06 22:25:14 +02:00
pickletools.py gh-123309: Remove check for redefined memo entry in pickletools.dis() (GH-123374) 2024-08-31 16:21:49 +03:00
pkgutil.py gh-97850: remove `find_loader` and `get_loader` from `pkgutil` (#119656) 2024-11-01 18:35:22 +02:00
platform.py gh-122549: Add platform.invalidate_caches() (#122547) 2024-11-15 13:52:56 +00:00
plistlib.py gh-111803: Support loading more deeply nested lists in binary plist format (GH-114024) 2024-01-13 15:26:55 +02:00
poplib.py
posixpath.py GH-118289: Fix handling of non-directories in posixpath.realpath() (#120127) 2024-11-13 22:59:32 +00:00
pprint.py gh-118761: Improve import time of pprint (#122725) 2024-08-07 22:46:54 +03:00
profile.py gh-118673: Remove shebang and executable bits from stdlib modules. (#119658) 2024-05-29 12:43:19 -04:00
pstats.py gh-121905: Consistently use "floating-point" instead of "floating point" (GH-121907) 2024-07-19 08:06:02 +00:00
pty.py gh-124405: Fix NameError in openpty (#124406) 2024-09-24 20:06:39 +02:00
py_compile.py
pyclbr.py
pydoc.py gh-101552: Allow pydoc to display signatures in source format (#124669) 2024-10-09 05:03:53 +00:00
queue.py gh-117531: Unblock getters after non-immediate queue shutdown (#117532) 2024-04-10 08:01:42 -07:00
quopri.py gh-118673: Remove shebang and executable bits from stdlib modules. (#119658) 2024-05-29 12:43:19 -04:00
random.py gh-123968: Fix lower bound for python -m random --float (#123971) 2024-09-12 16:54:18 +03:00
reprlib.py gh-113570: reprlib.repr does not use builtin __repr__ for reshadowed builtins (GH-113577) 2024-10-17 16:34:37 +00:00
rlcompleter.py gh-113978: Ignore warnings on text completion inside REPL (#113979) 2024-05-21 18:28:21 +02:00
runpy.py gh-99437: runpy: decode path-like objects before setting globals 2024-01-15 16:58:50 +00:00
sched.py gh-121905: Consistently use "floating-point" instead of "floating point" (GH-121907) 2024-07-19 08:06:02 +00:00
secrets.py
selectors.py
shelve.py
shlex.py
shutil.py gh-117151: increase default buffer size of shutil.copyfileobj() to 256k. (GH-119783) 2024-10-04 16:51:22 -07:00
signal.py gh-112559: Avoid unnecessary conversion attempts to enum_klass in signal.py (#113040) 2023-12-23 17:07:52 -08:00
site.py gh-126911: Update credits output (#126913) 2024-11-18 17:29:14 +02:00
smtplib.py gh-118673: Remove shebang and executable bits from stdlib modules. (#119658) 2024-05-29 12:43:19 -04:00
socket.py gh-121423: Improve import time of socket (#121424) 2024-09-04 12:00:37 +02:00
socketserver.py
sre_compile.py
sre_constants.py
sre_parse.py
ssl.py gh-118658: Return consistent types from get_un/verified_chain in SSLObject and SSLSocket (#118669) 2024-08-16 22:27:44 +02:00
stat.py gh-120417: Remove unused imports in the stdlib (#120420) 2024-06-12 20:56:42 +02:00
statistics.py Minor code beautifications in statistics.py (gh-124866) 2024-10-01 15:55:36 -05:00
string.py
stringprep.py
struct.py gh-120417: Add #noqa to used imports in the stdlib (#120421) 2024-06-13 16:14:50 +02:00
subprocess.py gh-121381 Remove subprocess._USE_VFORK escape hatch (#121383) 2024-07-30 18:39:54 -07:00
symtable.py gh-119698: deprecate `symtable.Class.get_methods` (#121902) 2024-07-22 07:04:17 -07:00
tabnanny.py gh-120495: Fix incorrect exception handling in Tab Nanny (#120498) 2024-06-15 05:04:14 -06:00
tarfile.py gh-121267: Improve performance of tarfile (#121267) (#121269) 2024-10-30 15:08:30 -07:00
tempfile.py gh-59616: Support os.chmod(follow_symlinks=True) and os.lchmod() on Windows (GH-113049) 2023-12-14 13:28:37 +02:00
textwrap.py gh-126133: Only use start year in PSF copyright, remove end years (#126236) 2024-11-12 15:59:19 +02:00
this.py
threading.py gh-121474: Add threading.Barrier parties arg sanity check. (GH-121480) 2024-07-30 11:53:07 +03:00
timeit.py gh-118673: Remove shebang and executable bits from stdlib modules. (#119658) 2024-05-29 12:43:19 -04:00
token.py
tokenize.py gh-91818: Use default program name in the CLI of many modules (GH-124867) 2024-10-10 00:20:53 +03:00
trace.py gh-118673: Remove shebang and executable bits from stdlib modules. (#119658) 2024-05-29 12:43:19 -04:00
traceback.py gh-125593: Use colors to highlight error locations in tracebacks from exception group (#125681) 2024-10-27 01:57:10 +01:00
tracemalloc.py
tty.py gh-114328: tty cbreak mode should not alter ICRNL (#114335) 2024-01-21 15:25:52 -08:00
turtle.py gh-123614: Add save function to turtle.py (#123617) 2024-09-12 21:36:17 -07:00
types.py
typing.py gh-126705: Make os.PathLike more like a protocol (#126706) 2024-11-12 17:54:13 +00:00
uuid.py gh-89083: add support for UUID version 8 (RFC 9562) (#123224) 2024-11-12 19:08:49 +01:00
warnings.py gh-122088: Copy the coroutine status of the underlying callable in @warnings.deprecated (#122086) 2024-07-23 10:59:28 +01:00
wave.py
weakref.py gh-89967: make WeakKeyDictionary and WeakValueDictionary thread safe (#125325) 2024-10-13 21:05:05 +05:30
webbrowser.py gh-123494: Improve documentation for `webbrowser` return types (#123495) 2024-09-01 06:17:03 +01:00
zipapp.py
zipimport.py gh-121735: Fix module-adjacent references in zip files (#123037) 2024-09-11 22:33:07 -04:00