git.ipfire.org Git - thirdparty/Python/cpython.git/commit

author	Robin Jadoul <robin.jadoul@gmail.com>
	Sun, 13 Apr 2025 21:46:20 +0000 (23:46 +0200)
committer	GitHub <noreply@github.com>
	Sun, 13 Apr 2025 21:46:20 +0000 (21:46 +0000)
commit	2666a06d336675247e1602aeb64170b2443602ce
tree	06a1a329ab1f5e17b81e2b799c437cd8082b8662	tree \| snapshot
parent	ce753517a87eec776c176f3245ce5d1554a59341	commit \| diff

GH-115322: Add missing audit hooks (GH-115624)

Add extra audit hooks to catch C function calling from ctypes,
reading/writing files through readline and executing external
programs through _posixsubprocess.

* Make audit-tests for open pass when readline.append_history_file is unavailable
* Less direct testing of _posixsubprocess for audit hooks
* Also remove the audit hook from call_cdeclfunction now that _ctypes_callproc does it instead.
* reword the NEWS entry.
* mention readline in NEWS
* add versionchanged markers
* fix audit_events.rst versionadded
* doc lint

---------

Co-authored-by: Gregory P. Smith <greg@krypto.org>

Doc/library/audit_events.rst		diff \| blob \| blame \| history
Doc/library/ctypes.rst		diff \| blob \| blame \| history
Doc/library/readline.rst		diff \| blob \| blame \| history
Lib/test/audit-tests.py		diff \| blob \| blame \| history
Lib/test/test_audit.py		diff \| blob \| blame \| history
Misc/NEWS.d/next/Security/2024-02-18-02-53-25.gh-issue-115322.Um2Sjx.rst	[new file with mode: 0644]	blob
Modules/_ctypes/callproc.c		diff \| blob \| blame \| history
Modules/_posixsubprocess.c		diff \| blob \| blame \| history
Modules/readline.c		diff \| blob \| blame \| history