def testProcess(self):
input_r_fd, input_w_fd = os.pipe()
output_r_fd, output_w_fd = os.pipe()
input_r_handle = msvcrt.get_osfhandle(input_r_fd)
output_w_handle = msvcrt.get_osfhandle(output_w_fd)
with os.fdopen(input_w_fd, "wb", buffering=0) as input_w:
with os.fdopen(output_r_fd, "rb", buffering=0) as output_r:
args = [
sys.executable,
"-m",
"grr_response_client.unprivileged.windows.echo",
"--pipe_input",
str(input_r_handle),
"--pipe_output",
str(output_w_handle),
]
p = process.Process(args, [input_r_handle, output_w_handle])
input_w.write(b"foo")
result = output_r.read(6)
self.assertEqual(result, b"foo123")
self.assertGreater(p.GetCpuTimes().cpu_time, 0.0)
self.assertGreater(p.GetCpuTimes().sys_time, 0.0)
p.Stop()
def testSandboxSecurity(self):
with contextlib.ExitStack() as stack:
port = 12395
sock = stack.enter_context(
socket.socket(socket.AF_INET, socket.SOCK_STREAM))
sock.bind(("", port))
sock.listen()
sub_key = "Software\\SandboxTest"
key = winreg.CreateKeyEx(winreg.HKEY_LOCAL_MACHINE,
sub_key,
access=winreg.KEY_ALL_ACCESS)
winreg.SetValueEx(key, "foo", 0, winreg.REG_SZ, "bar")
winreg.FlushKey(key)
stack.callback(winreg.DeleteKey, winreg.HKEY_LOCAL_MACHINE,
sub_key)
stack.callback(winreg.CloseKey, key)
stack.callback(winreg.DeleteValue, key, "foo")
args = [
sys.executable, "-m",
"grr_response_client.unprivileged.windows.sandbox_unprivileged_test_lib",
"--localhost_port",
str(port), "--registry_sub_key", sub_key
]
p = process.Process(args, [])
exit_code = p.Wait()
self.assertEqual(exit_code, 0)
def Start(self) -> None:
with contextlib.ExitStack() as stack:
input_r_fd, input_w_fd = os.pipe()
stack.callback(os.close, input_r_fd)
self._input_w = os.fdopen(input_w_fd, "wb", buffering=0)
output_r_fd, output_w_fd = os.pipe()
stack.callback(os.close, output_w_fd)
self._output_r = os.fdopen(output_r_fd, "rb", buffering=0)
if platform.system() == "Windows":
# pylint: disable=g-import-not-at-top
import msvcrt
from grr_response_client.unprivileged.windows import process # pytype: disable=import-error
# pylint: enable=g-import-not-at-top
# pytype doesn't see the functions in msvcrt
# pytype: disable=module-attr
input_r_handle = msvcrt.get_osfhandle(input_r_fd)
output_w_handle = msvcrt.get_osfhandle(output_w_fd)
# pytype: enable=module-attr
args = self._args_factory(
Channel(pipe_input=input_r_handle, pipe_output=output_w_handle))
self._process_win = process.Process(args, [input_r_fd, output_w_fd] +
self._extra_file_descriptors)
else:
args = self._args_factory(
Channel(pipe_input=input_r_fd, pipe_output=output_w_fd))
self._process = subprocess.Popen(
args,
close_fds=True,
pass_fds=[input_r_fd, output_w_fd] + self._extra_file_descriptors,
)
def Start(self) -> None:
with contextlib.ExitStack() as stack:
input_r_fd, input_w_fd = os.pipe()
stack.callback(os.close, input_r_fd)
self._input_w = os.fdopen(input_w_fd, "wb", buffering=0)
output_r_fd, output_w_fd = os.pipe()
stack.callback(os.close, output_w_fd)
self._output_r = os.fdopen(output_r_fd, "rb", buffering=0)
input_r_fd_obj = FileDescriptor.FromFileDescriptor(input_r_fd)
output_w_fd_obj = FileDescriptor.FromFileDescriptor(output_w_fd)
if platform.system() == "Windows":
# pylint: disable=g-import-not-at-top
from grr_response_client.unprivileged.windows import process # pytype: disable=import-error
# pylint: enable=g-import-not-at-top
args = self._args_factory(
Channel(pipe_input=input_r_fd_obj,
pipe_output=output_w_fd_obj))
extra_handles = [
fd.ToHandle() for fd in self._extra_file_descriptors
]
self._process_win = process.Process(
args,
[input_r_fd_obj.ToHandle(),
output_w_fd_obj.ToHandle()] + extra_handles)
else:
args = self._args_factory(
Channel(pipe_input=input_r_fd_obj,
pipe_output=output_w_fd_obj))
extra_fds = [
fd.ToFileDescriptor()
for fd in self._extra_file_descriptors
]
self._process = subprocess.Popen(
args,
close_fds=True,
pass_fds=[input_r_fd, output_w_fd] + extra_fds,
)
SubprocessServer._started_instances.add(self)
def testProcess(self):
extra_pipe_r, extra_pipe_w = process.CreatePipeWrapper()
def MakeCommandLine(pipe_input: int, pipe_output: int) -> str:
return " ".join([
sys.executable,
"-m",
"grr_response_client.unprivileged.windows.echo",
"--pipe_input",
str(pipe_input),
"--pipe_output",
str(pipe_output),
"--extra_pipe_input",
str(extra_pipe_r.value),
])
p = process.Process(MakeCommandLine, [extra_pipe_r.value])
win32file.WriteFile(p.input, b"foo")
win32file.WriteFile(extra_pipe_w.value, b"bar")
result = win32file.ReadFile(p.output, 9)[1]
self.assertEqual(result, b"foobar123")
p.Stop()
