[tor-bugs] #8274 [Tor bundles/installation]: PyInstaller binaries have build username in them
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 19 17:34:17 UTC 2013
#8274: PyInstaller binaries have build username in them
--------------------------------------+-------------------------------------
Reporter: dcf | Owner: erinn
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor bundles/installation | Version:
Keywords: | Parent:
Points: | Actualpoints:
--------------------------------------+-------------------------------------
A VirusTotal analysis of `flashproxy-client.exe` from the 2.4.7-alpha-1
bundles shows that it is trying to open files under the user name of the
user who built the packages (`C:\Users\aallai`).
https://www.virustotal.com/en/file/2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce/analysis/#behavioural-info
{{{
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce (successful)
C: (failed)
C:\WINDOWS\system32 (failed)
<string> (failed)
C:\WINDOWS\system32\<string> (failed)
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce?175104\<string> (failed)
C:\Users\aallai\pyinstaller-2.0\PyInstaller\loader\iu.py (failed)
C:\WINDOWS\system32\iu.py (failed)
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce?175104\iu.py (failed)
C:\Users\aallai\flashproxy\pyinstaller-tmp/build\out00-PYZ.pyz\BaseHTTPServer (failed)
C:\WINDOWS\system32\BaseHTTPServer (failed)
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce?175104\BaseHTTPServer (failed)
C:\Users\aallai\flashproxy\pyinstaller-tmp/build\out00-PYZ.pyz\socket (failed)
C:\WINDOWS\system32\socket (failed)
C:\2a49d4f5605ebe92e5c41a122795edcae726fe046a303874f123d0ecee856fce?175104\socket (failed)
}}}
Same thing happens with the 2.4.7-test-1 bundles I built myself
(`C:\cygwin\home\zap`):
https://www.virustotal.com/en/file/3b144be171f6b9bbf0d7727361d820f5fdad01b09e08d49375238d529fc842cc/analysis/#behavioural-info
Probably other binaries are similarly affected. We should see if there is
a way to disable it. Something could go wrong if there happen to be
existing files under those names on computers on which the binaries are
installed.
I'm assuming that the long names like
{{{
C:\3b144be171f6b9bbf0d7727361d820f5fdad01b09e08d49375238d529fc842cc (successful)
}}}
are a PyInstaller artifact.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8274>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
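
A pre-release check for the leak described in the ticket, as an added example that is not part of the original report and is not Tor or PyInstaller code: it scans a built binary for embedded build-host home-directory paths, in 8-bit and UTF-16LE strings and inside any zlib streams it can inflate. The path patterns, the function names and the `/home/builder` sample are assumptions made for illustration.

```python
import re
import zlib

# Home-directory prefixes of the kind shown in the ticket (C:\Users\<name>,
# C:\cygwin\home\<name>) plus the Unix form; the pattern set is an assumption.
HOME_RE = re.compile(
    r"((?:[a-z]:\\(?:users|cygwin\\home)\\|/home/)[a-z0-9._-]{1,32})(?=[\\/])",
    re.IGNORECASE,
)
ZLIB_HEADERS = (b"\x78\x01", b"\x78\x9c", b"\x78\xda")


def _inflated(blob, limit=16 * 1024 * 1024):
    """Yield the output of every zlib stream that starts somewhere in blob."""
    view = memoryview(blob)
    for header in ZLIB_HEADERS:
        pos = blob.find(header)
        while pos != -1:
            try:
                yield zlib.decompressobj().decompress(view[pos:], limit)
            except zlib.error:
                pass  # the two header bytes occurred by chance
            pos = blob.find(header, pos + 1)


def _texts(data):
    """Decode data as 8-bit text and as UTF-16LE at both byte alignments."""
    yield data.decode("latin-1")
    yield data.decode("utf-16-le", "ignore")
    yield data[1:].decode("utf-16-le", "ignore")


def find_build_paths(blob):
    """Return the sorted home-directory prefixes embedded in blob."""
    hits = set()
    for data in [blob, *_inflated(blob)]:
        for text in _texts(data):
            hits.update(m.group(1) for m in HOME_RE.finditer(text))
    return sorted(hits)


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as fh:
        for prefix in find_build_paths(fh.read()):
            print(prefix)
```

Run against each executable in a bundle before publishing; any output means the build environment's account name is recoverable from the shipped file.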