[paramiko] [PATCH] osrandom doesn't work nicely in chroot() environment
Robey Pointer
robey at lag.net
Sat Mar 22 14:54:42 PDT 2008
On 1 Mar 2008, at 22:44, Dwayne C. Litzenberger wrote:
> I'm implementing an SFTP server for paramiko, and this server
> supports chroot()ing into an individual user's home directory.
>
> Unfortunately, once you do os.chroot(), os.urandom() fails with
> NotImplementedError:
>
> >>> import paramiko, os
> >>> paramiko.randpool.get_bytes(4)
> '@\x92:\xa7'
> >>> os.chroot("/home/dwon")
> >>> paramiko.randpool.get_bytes(4)
> Traceback (most recent call last):
> File "<stdin>", line 1, in ?
> File "os.py", line 720, in urandom
> NotImplementedError: /dev/urandom (or equivalent) not found
>
> I've attached a patch that works around this problem by making
> OSRandomPool automatically fall back to using a previously-opened
> file descriptor connected to /dev/urandom. The result is that if
> you import the paramiko module before performing os.chroot(),
> paramiko is still able to get random numbers.
>
> This patch has not been tested on win32. Someone should do that
> before the next paramiko release, as I am known to have typos in my
> patches. :)
Looks okay to me. Actually, looking at the source for os.urandom, we
might as well skip that part entirely. It's not doing anything more
than you're doing, except they don't keep the file open.
The tests pass, so I'm committing it like that (with os.urandom
removed). I'll test it out in a Windows VM before releasing.
robey
More information about the paramiko
mailing list