Prevent race condition in guarded_import (#125)

Co-authored-by: Jens Vagelpohl <jens@plyp.com>

CHANGES.rst

@@ -6,7 +6,8 @@ For changes before version 3.0, see ``HISTORY.rst``.
 5.4 (unreleased)
 ----------------
 
-- Nothing changed yet.
+- Prevent race condition in guarded_import
+  (see `#123 <https://github.com/zopefoundation/AccessControl/issues/123>`_)
 
 
 5.3 (2022-02-25)

src/AccessControl/SecurityInfo.py

@@ -270,10 +270,15 @@ def secureModule(mname, *imp):
 
     if imp:
         __import__(mname, *imp)
-    del _moduleSecurity[mname]
     module = sys.modules[mname]
     modsec.apply(module.__dict__)
     _appliedModuleSecurity[mname] = modsec
+    try:
+        del _moduleSecurity[mname]
+    except KeyError:
+        # In case of access from multiple threads, the del might fail, but that
+        # is OK.
+        pass
     return module
 
 

src/AccessControl/tests/testModuleSecurity.py

@@ -70,6 +70,25 @@ def testPublicModule(self):
         self.assertAuth('AccessControl.tests.public_module.submodule',
                         ('pub',))
 
+    def testPublicModuleThreaded(self):
+        """
+        Import the same module from two threads simultaneously, checking that
+        this does not result in a race condition.
+        """
+        import threading
+        finished = []
+
+        def threaded_run():
+            self.assertAuth('AccessControl.tests.public_module', ())
+            finished.append(True)
+
+        threads = [threading.Thread(target=threaded_run) for _ in range(2)]
+
+        [t.start() for t in threads]
+        [t.join() for t in threads]
+
+        self.assertEqual(len(finished), 2)
+
     def test_public_module_asterisk_not_allowed(self):
         self.assertUnauth('AccessControl.tests.public_module', ('*',))