New submission from Ned Deily <n...@acm.org>:

potential 2.6.5 release blocker

The changes introduced for Issue7999 in r78546, r78547, r78548, r78549 cause 
test_tcl to fail when it is run after test_os, as is normal under regrtest.  
The problem is that the posixmodule was modified to accept values of -1 for 
setreuid and setregid and, although the tests added for them claim that they do 
nothing, on OS X 10.6 (in a framework build at least) they do have a side 
effect.  A simplified test case demonstrates:

$ ./python
Python 2.6.5rc1 (release26-maint, Mar  2 2010, 15:22:31) 
[GCC 4.2.1 (Apple Inc. build 5646) (dot 1)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from Tkinter import Tcl
>>> Tcl().loadtk()  # Tk window opens
>>> ^D
$ ./python
Python 2.6.5rc1 (release26-maint, Mar  2 2010, 15:22:31) 
[GCC 4.2.1 (Apple Inc. build 5646) (dot 1)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from Tkinter import Tcl
>>> import os
>>> os.getuid(), os.geteuid()
(501, 501)
>>> os.setreuid(-1, -1)
>>> os.getuid(), os.geteuid()
(501, 501)
>>> Tcl().loadtk()
2010-03-02 18:20:28.375 Python[21147:60f] The application with bundle ID 
org.python.python is running setugid(), which is not allowed.
$ ./python
Python 2.6.5rc1 (release26-maint, Mar  2 2010, 15:22:31) 
[GCC 4.2.1 (Apple Inc. build 5646) (dot 1)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from Tkinter import Tcl
>>> import os
>>> os.getgid(), os.getegid()
(20, 20)
>>> os.setregid(-1, -1)
>>> os.getgid(), os.getegid()
(20, 20)
>>> Tcl().loadtk()
2010-03-02 18:25:15.952 Python[21163:60f] The application with bundle ID 
org.python.python is running setugid(), which is not allowed.

Searching the web for "running setugid(), which is not allowed" shows various 
programs affected by this change in OS X 10.6, apparently to close a security 
hole.

Unfortunately, the module and test changes cause the standard python regression 
test to abort at test_tcl. For 2.6.5 at least, suggest disabling the two new 
-1, -1 tests on OS X.  (I assume that the other branches exhibit the same 
behavior but I haven't explicitly tested them yet.)

----------
messages: 100326
nosy: barry, gregory.p.smith, ned.deily, ronaldoussoren
severity: normal
status: open
title: test_tcl aborts on OS X 10.6 with "The application with bundle ID 
org.python.python is running setugid(), which is not allowed."
type: crash
versions: Python 2.6, Python 2.7, Python 3.1, Python 3.2

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue8045>
_______________________________________
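
An added example, not part of the original report and not the CPython test code: one way to keep exercising the -1, -1 calls without making them in the process that later loads Tk is to run them in a short-lived child interpreter and compare the IDs it reports. The helper names are hypothetical and the code assumes Python 3 on a POSIX system.

```python
import os
import subprocess
import sys

# Program run by the child interpreter: make the call under test, then
# print the resulting real and effective IDs for the parent to compare.
CHILD_TEMPLATE = (
    "import os\n"
    "os.{setter}(-1, -1)\n"
    "print(os.{real}(), os.{effective}())\n"
)


def ids_after_call_in_child(setter, real, effective):
    """Run os.<setter>(-1, -1) in a fresh interpreter and return its IDs."""
    code = CHILD_TEMPLATE.format(setter=setter, real=real, effective=effective)
    out = subprocess.check_output([sys.executable, "-c", code])
    real_id, effective_id = (int(field) for field in out.split())
    return real_id, effective_id


def noop_holds_in_child(setter, real, effective):
    """True if -1, -1 left the child's IDs equal to this process's IDs."""
    # The parent only reads its own IDs; it never calls the setter itself,
    # so any side effect of the call stays in the child and ends with it.
    ours = (getattr(os, real)(), getattr(os, effective)())
    return ids_after_call_in_child(setter, real, effective) == ours


if __name__ == "__main__":
    for names in (("setreuid", "getuid", "geteuid"),
                  ("setregid", "getgid", "getegid")):
        print(names[0], "no-op in child:", noop_holds_in_child(*names))
```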