Open eloquence opened 3 years ago
Informational finding TOB-SDW-021 from the 2020 SecureDrop Workstation audit (PDF) recommends using Popen.communicate() , Popen.wait() or Popen.terminate() in cases like this where we currently spawn processes like so:
TOB-SDW-021
Popen.communicate()
Popen.wait()
Popen.terminate()
https://github.com/freedomofpress/securedrop-export/blob/34a8cf6/securedrop_export/disk/actions.py#L48-L52
Quoth the report:
If those processes close their stdout, the securedrop-export will process their stdout, while they will further operate in the background.
securedrop-export
The report recommends passing timeouts "to make sure the spawned processes don't halt the SecureDrop programs completely."
(Tracked as epic; we'll likely want to identify a consistent approach across the board and then enumerate all calls that should be updated.)
Informational finding
TOB-SDW-021
from the 2020 SecureDrop Workstation audit (PDF) recommends usingPopen.communicate()
,Popen.wait()
orPopen.terminate()
in cases like this where we currently spawn processes like so:https://github.com/freedomofpress/securedrop-export/blob/34a8cf6/securedrop_export/disk/actions.py#L48-L52
Quoth the report:
The report recommends passing timeouts "to make sure the spawned processes don't halt the SecureDrop programs completely."