Python Module with FreeRADIUS 3.0.15

Gary Gwin garygwin at
Wed Dec 13 21:00:02 CET 2017

Is anyone using the 3.0.15 release with the Python module on Unbuntu 14.04

Could FR-AD-002 (v3) have broken?


FR-AD-002 (v3) String lifetime issues in rlm_python

Issue: The PySys_SetPath() and PySys_SetName() functions require a
long-lived pointer to the path / name.

Impact: Potential crash.

Exploit vector: Administrators who have write access to the server
configuration files.

Fix: Use a long-lived string instead of a short-lived one. Fixed in

CVE: No CVE has been release as this issue has no impact, and exploitation
does not cross a privilege boundary in a correct and realistic product

On Tue, Dec 12, 2017 at 6:01 PM, Gary Gwin <garygwin at> wrote:

> Trying to implement just the basic Python example as documented is not
> working with the FreeRADIUS 3.0.15 build on Unbuntu 14.04. After enabling
> and running "freeradius -X", FreeRADIUS exits with only this:
> # Instantiating module "python" from file /etc/freeradius/mods-enabled/
> python
> Python version: 2.7.6 (default, Oct 26 2016, 20:33:43)  [GCC 4.8.4]
> Other than enabling the the python module, the only other change was to
> enable the python_path and uncomment the "func_authorize = authorize" line
> in mods-available/python. The example.pyc is not created.
> Everything was working swimmingly under FreeRADIUS 3.0.12.
> Any ideas?
> Thanks,
> Gary

More information about the Freeradius-Users mailing list