gh-121957: Emit audit events for `python -i` and `python -m asyncio` (GH-121958)

Relatedly, emit the `cpython.run_startup` event from the Python version of
`PYTHONSTARTUP` handling.
This commit is contained in:
Łukasz Langa 2024-07-22 13:04:08 +02:00 committed by GitHub
parent cad11a2bdc
commit dc93d1125f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 36 additions and 2 deletions

View File

@ -56,9 +56,13 @@ Additionally, there are **low-level** APIs for
* :ref:`bridge <asyncio-futures>` callback-based libraries and code
with async/await syntax.
.. include:: ../includes/wasm-notavail.rst
.. _asyncio-cli:
You can experiment with an ``asyncio`` concurrent context in the REPL:
.. rubric:: asyncio REPL
You can experiment with an ``asyncio`` concurrent context in the :term:`REPL`:
.. code-block:: pycon
@ -70,7 +74,14 @@ You can experiment with an ``asyncio`` concurrent context in the REPL:
>>> await asyncio.sleep(10, result='hello')
'hello'
.. include:: ../includes/wasm-notavail.rst
.. audit-event:: cpython.run_stdin "" ""
.. versionchanged:: 3.12.5 (also 3.11.10, 3.10.15, 3.9.20, and 3.8.20)
Emits audit events.
.. versionchanged:: 3.13
Uses PyREPL if possible, in which case :envvar:`PYTHONSTARTUP` is
also executed. Emits audit events.
.. We use the "rubric" directive here to avoid creating
the "Reference" subsection in the TOC.

View File

@ -793,6 +793,15 @@ conflict.
This variable can also be modified by Python code using :data:`os.environ`
to force inspect mode on program termination.
.. audit-event:: cpython.run_stdin "" ""
.. versionchanged:: 3.12.5 (also 3.11.10, 3.10.15, 3.9.20, and 3.8.20)
Emits audit events.
.. versionchanged:: 3.13
Uses PyREPL if possible, in which case :envvar:`PYTHONSTARTUP` is
also executed. Emits audit events.
.. envvar:: PYTHONUNBUFFERED

View File

@ -39,6 +39,8 @@ def interactive_console(mainmodule=None, quiet=False, pythonstartup=False):
# sys._baserepl() above does this internally, we do it here
startup_path = os.getenv("PYTHONSTARTUP")
if pythonstartup and startup_path:
sys.audit("cpython.run_startup", startup_path)
import tokenize
with tokenize.open(startup_path) as f:
startup_code = compile(f.read(), startup_path, "exec")

View File

@ -91,6 +91,8 @@ class REPLThread(threading.Thread):
console.write(banner)
if startup_path := os.getenv("PYTHONSTARTUP"):
sys.audit("cpython.run_startup", startup_path)
import tokenize
with tokenize.open(startup_path) as f:
startup_code = compile(f.read(), startup_path, "exec")
@ -127,6 +129,8 @@ class REPLThread(threading.Thread):
if __name__ == '__main__':
sys.audit("cpython.run_stdin")
if os.getenv('PYTHON_BASIC_REPL'):
CAN_USE_PYREPL = False
else:
@ -155,6 +159,7 @@ if __name__ == '__main__':
interactive_hook = getattr(sys, "__interactivehook__", None)
if interactive_hook is not None:
sys.audit("cpython.run_interactivehook", interactive_hook)
interactive_hook()
if interactive_hook is site.register_readline:

View File

@ -0,0 +1,3 @@
Fixed missing audit events around interactive use of Python, now also
properly firing for ``python -i``, as well as for ``python -m asyncio``. The
events in question are ``cpython.run_stdin`` and ``cpython.run_startup``.

View File

@ -594,6 +594,10 @@ pymain_repl(PyConfig *config, int *exitcode)
return;
}
if (PySys_Audit("cpython.run_stdin", NULL) < 0) {
return;
}
if (!isatty(fileno(stdin))
|| _Py_GetEnv(config->use_environment, "PYTHON_BASIC_REPL")) {
PyCompilerFlags cf = _PyCompilerFlags_INIT;