Python statsd python program & security

Alain De Vos


I have a statsd python program running on a public interface.
sockstat -46L gives:
Code:
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS     
root     python3.8  89566 3  udp4   *:randomport               *:*
What are the security concerns?
 

SirDice


What are the security concerns?
Anyone could connect to it, and if there's an exploitable bug in the code, an attacker would have root access. Is there any type of authentication on the service? If not, anyone could query it, which then leads to an information leak.
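
A check for the exposure described in the reply above, as an added example that is not part of the thread: it parses sockstat output in the column layout the original poster showed and flags sockets bound to a non-loopback address, noting which run as root and which use UDP. The function names and the sample rows (including port 8125) are constructed for illustration.

```python
import ipaddress

# Constructed rows in the sockstat column layout from the thread (not real output).
SAMPLE = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     python3.8  89566 3  udp4   *:8125                *:*
statsd   python3.8  90112 3  udp4   127.0.0.1:8125        *:*
root     sshd       1021  4  tcp4   192.0.2.10:22         *:*
"""


def parse_sockstat(text):
    """Return one dict per socket row; the header and malformed rows are skipped."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 7 or fields[0] == "USER":
            continue
        user, command, pid, fd, proto, local, foreign = fields
        host, _, port = local.rpartition(":")  # the last colon separates the port
        rows.append({"user": user, "command": command, "pid": pid,
                     "proto": proto, "host": host, "port": port})
    return rows


def is_exposed(host):
    """True when the bind address is reachable from other machines."""
    if host == "*":  # wildcard: every interface, public ones included
        return True
    try:
        return not ipaddress.ip_address(host).is_loopback
    except ValueError:
        return True  # unparseable address: fail closed and report it


def audit(rows):
    """List (pid, command, concerns) for every socket bound off loopback."""
    findings = []
    for row in rows:
        if not is_exposed(row["host"]):
            continue
        concerns = ["reachable-from-network"]
        if row["user"] == "root":
            concerns.append("runs-as-root")
        if row["proto"].startswith("udp"):  # no handshake, sender address unverified
            concerns.append("udp-source-not-verified")
        findings.append((row["pid"], row["command"], concerns))
    return findings
```

Feed it the real command output, for example `audit(parse_sockstat(subprocess.check_output(["sockstat", "-46"], text=True)))`.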
 

Tieks

Well-Known Member

Reaction score: 128
Messages: 307

# ps -ax | grep 89566 to find out which command/py-script started this process, then find out why it was started.
 
Alain De Vos


Ports to other OSes and distros will have the same issue, as they are all based on the same GitHub source code.
 