Python statsd python program & security

Alain De Vos

Daemon


I have a statsd python program running on a public interface.
sockstat -46L gives:
Code:
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS     
root     python3.8  89566 3  udp4   *:randomport               *:*
What are the security concerns?
 

SirDice

Administrator

What are the security concerns?
Anyone could connect to it, and if there's an exploitable bug in the code, an attacker would have root access. Is there any type of authentication on the service? If not, anyone could query it, which then leads to an information leak.
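
A check for the combination raised in the reply above (a socket reachable on every interface and owned by root), run over `sockstat -46L` output. This is an added example, not part of the original thread; the sample lines, PIDs, ports and the function names are constructed for illustration.

```python
# Constructed sample in `sockstat -46L` layout; PIDs, ports and addresses are made up.
SAMPLE = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     python3.8  89566 3  udp4   *:8125                *:*
root     sshd       1021  4  tcp4   192.0.2.10:22         *:*
www      nginx      2210  6  tcp4   *:80                  *:*
root     syslogd    801   7  udp6   *:514                 *:*
statsd   python3.8  90412 3  udp4   192.0.2.10:8125       *:*
"""


def parse_sockstat(text):
    """Yield one dict per socket line of `sockstat -46L` output."""
    for line in text.splitlines():
        fields = line.split()
        # The header splits into 9 words; real socket lines have 7 columns.
        if len(fields) != 7 or not fields[2].isdigit():
            continue
        user, command, pid, _fd, proto, local, _foreign = fields
        # rpartition keeps an IPv6 host such as "::1" intact.
        host, _, port = local.rpartition(":")
        yield {"user": user, "command": command, "pid": int(pid),
               "proto": proto, "host": host, "port": port}


def concerns(sock):
    """Return the concerns from the thread that apply to one socket."""
    found = []
    if sock["host"] == "*":
        found.append("wildcard-bind")   # reachable on every interface
    if sock["user"] == "root":
        found.append("runs-as-root")    # a bug in the service yields root
    return found


def review(text):
    """Return the sockets that are both wildcard-bound and root-owned."""
    flagged = []
    for sock in parse_sockstat(text):
        if concerns(sock) == ["wildcard-bind", "runs-as-root"]:
            flagged.append(sock)
    return flagged


if __name__ == "__main__":
    for s in review(SAMPLE):
        print(f'{s["pid"]} {s["command"]} {s["proto"]} *:{s["port"]} as root')
```
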
 

Tieks

Well-Known Member


# ps -ax | grep 89566 to find out which command/py-script started this process, then find out why it was started.
 
Alain De Vos

Daemon


Ports to other O.S. & distros will have the same issue, as they are all based on the same GitHub source code.
 