Python ctypes segmentation fault when rootfs is read-only and tmp is noexec

0 votes

I'm trying to use Python for an embedded app on an Arm processor running Linux (CPython 2.7.3 cross-compiled from X86/Linux). It worked really well until I started securing the device to prevent tampering. First I made the rootfs read-only, both to prevent corruption of the rootfs on a sudden loss of power and to prevent modification to our main code by unauthorized users. Still, python and our ctypes libraries continued working as normal. The /tmp directory gets mapped to a tmpfs (ramdrive). Another step of hardening is to set the noexec flag on the tmpfs partition to prevent users from somehow uploading any code that could lead to a local root exploit. With both of those options set, importing ctypes produces an immediate segfault:

root@ATX4:~# python                                 
Python 2.7.3 (default, Jul 16 2013, 17:15:57) 
[GCC 4.3.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import ctypes
Segmentation fault
Aug 28, 2018 in Python by aryya
• 7,460 points
1,085 views

1 answer to this question.

0 votes
I cant really seem to reproduce the bug on my system. I think it might have been a legitimate bug on the developer's side or maybe you could consider that ctypes may need to create a unique callback (an executable C-level function). It would map some anonymous (ok) or shared file (not ok) with execute bit set.

Memory error handling is always hard, and could have easily escaped developers.
answered Aug 28, 2018 by anonymous

Related Questions In Python

0 votes
1 answer

What is the difference between read() and readline() in python?

The read() will read the whole file at ...READ MORE

answered Apr 28, 2022 in Python by narikkadan
• 63,600 points
17,083 views
+1 vote
7 answers
0 votes
1 answer

What is the difference between Python and IPython?

There are few differences between Python and ...READ MORE

answered Jul 26, 2018 in Python by Priyaj
• 58,020 points
4,032 views
0 votes
3 answers

Python exit commands - why so many and when should each be used?

The functions* quit(), exit(), and sys.exit() function in the same way: ...READ MORE

answered Dec 14, 2020 in Python by Gitika
• 65,770 points
66,754 views
0 votes
1 answer

When I create and remove files rapidly on windows using python I get WindowsError (Error 5)

Here's the short answer: disable any antivirus or ...READ MORE

answered Aug 31, 2018 in Python by charlie_brown
• 7,720 points
1,931 views
0 votes
1 answer

What is the difference between python's file I/O system when using 'w' and 'wb'?

Only in Windows, in the latter case, ...READ MORE

answered Sep 11, 2018 in Python by charlie_brown
• 7,720 points
1,552 views
0 votes
1 answer

How is Python 2.7.3 and Python 3.3 different?

raw_input() is not used in Python 3. Use input()  ...READ MORE

answered Sep 12, 2018 in Python by SDeb
• 13,300 points
939 views
0 votes
0 answers

How to mix read() and write() on Python files in Windows

It appears that a write() immediately following a read() on a ...READ MORE

Oct 24, 2018 in Python by Aryya
• 500 points
829 views
+1 vote
1 answer

What is the difference between range and xrange functions in Python 2.X?

xrange only stores the range params and ...READ MORE

answered Aug 22, 2018 in Python by Priyaj
• 58,020 points
2,437 views
0 votes
1 answer

Is there a foreach function in python and is there a way to implement it if there isnt any

Every occurence of "foreach" I've seen (PHP, ...READ MORE

answered Aug 31, 2018 in Python by charlie_brown
• 7,720 points
1,184 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP