[tor-bugs] #8274 [Tor bundles/installation]: PyInstaller binaries have build username in them
#8274: PyInstaller binaries have build username in them
--------------------------------------+-------------------------------------
Reporter: dcf | Owner: erinn
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor bundles/installation | Version:
Keywords: | Parent:
Points: | Actualpoints:
--------------------------------------+-------------------------------------
A VirusTotal analysis of `flashproxy-client.exe` from the 2.4.7-alpha-1
bundles shows that it is trying to open files under the user name of the
user who built the packages (`C:\Users\aallai`).
https://www.virustotal.com/en/file/2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce/analysis/#behavioural-info
{{{
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce (successful)
C: (failed)
C:\WINDOWS\system32 (failed)
<string> (failed)
C:\WINDOWS\system32\<string> (failed)
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce?175104\<string> (failed)
C:\Users\aallai\pyinstaller-2.0\PyInstaller\loader\iu.py (failed)
C:\WINDOWS\system32\iu.py (failed)
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce?175104\iu.py (failed)
C:\Users\aallai\flashproxy\pyinstaller-tmp/build\out00-PYZ.pyz\BaseHTTPServer (failed)
C:\WINDOWS\system32\BaseHTTPServer (failed)
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce?175104\BaseHTTPServer (failed)
C:\Users\aallai\flashproxy\pyinstaller-tmp/build\out00-PYZ.pyz\socket (failed)
C:\WINDOWS\system32\socket (failed)
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce?175104\socket (failed)
}}}
Same thing happens with the 2.4.7-test-1 bundles I built myself
(`C:\cygwin\home\zap`):
https://www.virustotal.com/en/file/3b144be171f6b9bbf0d7727361d820f5fdad01b09e08d49375238d529fc842cc/analysis/#behavioural-info
Probably other binaries are similarly affected. We should see if there is
a way to disable it. Something could go wrong if there happen to be
existing files under those names on computers on which the binaries are
installed.
I'm assuming that the long names like
{{{
C:\3b144be171f6b9bbf0d7727361d820f5fdad01b09e08d49375238d529fc842cc (successful)
}}}
are a PyInstaller artifact.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8274>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
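
A release-time check for the leak reported in this ticket, as an added example that is not part of the original report or of the Tor or PyInstaller code: it scans a built binary for home-directory paths, looking in the raw bytes, in UTF-16LE strings, and inside embedded zlib streams (that modules are stored zlib-compressed is an assumption here). The function names and the sample bytes with their `builderN` user names are constructed for illustration.

```python
import re
import zlib

# Home-directory prefixes of the kinds seen in the ticket (C:\Users\<name>,
# C:\cygwin\home\<name>) plus POSIX /home/<name>; either slash is accepted
# because the reported paths mix "\" and "/".
HOME_RE = re.compile(
    rb"(?:[A-Za-z]:[\\/](?:Users|cygwin[\\/]home)|/home)"
    rb"[\\/]([A-Za-z0-9._-]{1,32})[\\/]", re.IGNORECASE)
ZLIB_HEADER_RE = re.compile(rb"\x78[\x01\x5e\x9c\xda]")

def inflate_embedded(data, limit=1 << 24):
    """Yield the output of each zlib stream that starts anywhere in data."""
    view = memoryview(data)
    for m in ZLIB_HEADER_RE.finditer(data):
        try:
            yield zlib.decompressobj().decompress(view[m.start():], limit)
        except zlib.error:
            continue  # two bytes that merely looked like a zlib header

def names_in(blob):
    """User names in blob, read as 8-bit text and as UTF-16LE (both alignments)."""
    found = set()
    for text in (blob, blob[0::2], blob[1::2]):
        found.update(m.group(1).decode("ascii") for m in HOME_RE.finditer(text))
    return found

def find_build_users(data, ignore=("Public", "Default")):
    """Return user names from home-directory paths embedded in a binary image."""
    found = names_in(data)
    for inflated in inflate_embedded(data):
        found |= names_in(inflated)
    return found - set(ignore)

# Constructed sample, not a real build: one plain path, one path inside a
# zlib stream, one UTF-16LE path. The user names are placeholders.
SAMPLE = (b"MZ\x90\x00" + b"C:\\Users\\builder1\\pyinstaller-2.0\\loader\\iu.py\x00"
          + zlib.compress(b"C:\\cygwin\\home\\builder2\\flashproxy\\"
                          b"pyinstaller-tmp/build\\out00-PYZ.pyz")
          + "C:\\Users\\builder3\\AppData\\".encode("utf-16-le"))

if __name__ == "__main__":
    print(sorted(find_build_users(SAMPLE)))
```

Run against each bundle binary before publishing, a non-empty result means a build-host path is still embedded.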