def testProcess(self): input_r_fd, input_w_fd = os.pipe() output_r_fd, output_w_fd = os.pipe() input_r_handle = msvcrt.get_osfhandle(input_r_fd) output_w_handle = msvcrt.get_osfhandle(output_w_fd) with os.fdopen(input_w_fd, "wb", buffering=0) as input_w: with os.fdopen(output_r_fd, "rb", buffering=0) as output_r: args = [ sys.executable, "-m", "grr_response_client.unprivileged.windows.echo", "--pipe_input", str(input_r_handle), "--pipe_output", str(output_w_handle), ] p = process.Process(args, [input_r_handle, output_w_handle]) input_w.write(b"foo") result = output_r.read(6) self.assertEqual(result, b"foo123") self.assertGreater(p.GetCpuTimes().cpu_time, 0.0) self.assertGreater(p.GetCpuTimes().sys_time, 0.0) p.Stop()
def testSandboxSecurity(self): with contextlib.ExitStack() as stack: port = 12395 sock = stack.enter_context( socket.socket(socket.AF_INET, socket.SOCK_STREAM)) sock.bind(("", port)) sock.listen() sub_key = "Software\\SandboxTest" key = winreg.CreateKeyEx(winreg.HKEY_LOCAL_MACHINE, sub_key, access=winreg.KEY_ALL_ACCESS) winreg.SetValueEx(key, "foo", 0, winreg.REG_SZ, "bar") winreg.FlushKey(key) stack.callback(winreg.DeleteKey, winreg.HKEY_LOCAL_MACHINE, sub_key) stack.callback(winreg.CloseKey, key) stack.callback(winreg.DeleteValue, key, "foo") args = [ sys.executable, "-m", "grr_response_client.unprivileged.windows.sandbox_unprivileged_test_lib", "--localhost_port", str(port), "--registry_sub_key", sub_key ] p = process.Process(args, []) exit_code = p.Wait() self.assertEqual(exit_code, 0)
def Start(self) -> None: with contextlib.ExitStack() as stack: input_r_fd, input_w_fd = os.pipe() stack.callback(os.close, input_r_fd) self._input_w = os.fdopen(input_w_fd, "wb", buffering=0) output_r_fd, output_w_fd = os.pipe() stack.callback(os.close, output_w_fd) self._output_r = os.fdopen(output_r_fd, "rb", buffering=0) if platform.system() == "Windows": # pylint: disable=g-import-not-at-top import msvcrt from grr_response_client.unprivileged.windows import process # pytype: disable=import-error # pylint: enable=g-import-not-at-top # pytype doesn't see the functions in msvcrt # pytype: disable=module-attr input_r_handle = msvcrt.get_osfhandle(input_r_fd) output_w_handle = msvcrt.get_osfhandle(output_w_fd) # pytype: enable=module-attr args = self._args_factory( Channel(pipe_input=input_r_handle, pipe_output=output_w_handle)) self._process_win = process.Process(args, [input_r_fd, output_w_fd] + self._extra_file_descriptors) else: args = self._args_factory( Channel(pipe_input=input_r_fd, pipe_output=output_w_fd)) self._process = subprocess.Popen( args, close_fds=True, pass_fds=[input_r_fd, output_w_fd] + self._extra_file_descriptors, )
def Start(self) -> None: with contextlib.ExitStack() as stack: input_r_fd, input_w_fd = os.pipe() stack.callback(os.close, input_r_fd) self._input_w = os.fdopen(input_w_fd, "wb", buffering=0) output_r_fd, output_w_fd = os.pipe() stack.callback(os.close, output_w_fd) self._output_r = os.fdopen(output_r_fd, "rb", buffering=0) input_r_fd_obj = FileDescriptor.FromFileDescriptor(input_r_fd) output_w_fd_obj = FileDescriptor.FromFileDescriptor(output_w_fd) if platform.system() == "Windows": # pylint: disable=g-import-not-at-top from grr_response_client.unprivileged.windows import process # pytype: disable=import-error # pylint: enable=g-import-not-at-top args = self._args_factory( Channel(pipe_input=input_r_fd_obj, pipe_output=output_w_fd_obj)) extra_handles = [ fd.ToHandle() for fd in self._extra_file_descriptors ] self._process_win = process.Process( args, [input_r_fd_obj.ToHandle(), output_w_fd_obj.ToHandle()] + extra_handles) else: args = self._args_factory( Channel(pipe_input=input_r_fd_obj, pipe_output=output_w_fd_obj)) extra_fds = [ fd.ToFileDescriptor() for fd in self._extra_file_descriptors ] self._process = subprocess.Popen( args, close_fds=True, pass_fds=[input_r_fd, output_w_fd] + extra_fds, ) SubprocessServer._started_instances.add(self)
def testProcess(self): extra_pipe_r, extra_pipe_w = process.CreatePipeWrapper() def MakeCommandLine(pipe_input: int, pipe_output: int) -> str: return " ".join([ sys.executable, "-m", "grr_response_client.unprivileged.windows.echo", "--pipe_input", str(pipe_input), "--pipe_output", str(pipe_output), "--extra_pipe_input", str(extra_pipe_r.value), ]) p = process.Process(MakeCommandLine, [extra_pipe_r.value]) win32file.WriteFile(p.input, b"foo") win32file.WriteFile(extra_pipe_w.value, b"bar") result = win32file.ReadFile(p.output, 9)[1] self.assertEqual(result, b"foobar123") p.Stop()