[GHC] #8058: If .ghci is a symlink, permissions aren't read correctly

GHC ghc-devs at haskell.org
Sun Jul 14 15:41:00 CEST 2013


#8058: If .ghci is a symlink, permissions aren't read correctly
-------------------------------------------+-------------------------------
       Reporter:  berdario                 |             Owner:
           Type:  bug                      |            Status:  new
       Priority:  low                      |         Milestone:
      Component:  GHCi                     |           Version:  7.6.2
       Keywords:                           |  Operating System:
   Architecture:  Unknown/Multiple         |  Unknown/Multiple
     Difficulty:  Easy (less than 1 hour)  |   Type of failure:  Other
     Blocked By:                           |         Test Case:
Related Tickets:                           |          Blocking:
-------------------------------------------+-------------------------------
 dario at macbook ~> ls -l .ghci
 lrwxrwxrwx 1 dario dario 40 Jul 14 15:27 .ghci -> /home/dario/.dotfiles/dotfiles/ghci.conf
 dario at macbook ~> ls -l (readlink -f .ghci)
 -rw-r--r-- 1 dario dario 10 Jul 14 15:25 /home/dario/.dotfiles/dotfiles/ghci.conf
 dario at macbook ~> ghci
 GHCi, version 7.6.2: http://www.haskell.org/ghc/  :? for help
 Loading package ghc-prim ... linking ... done.
 Loading package integer-gmp ... linking ... done.
 Loading package base ... linking ... done.
 *** WARNING: /home/dario/.dotfiles/dotfiles is writable by someone else, IGNORING!
 Prelude>

 Obviously, /home/dario/.dotfiles/dotfiles isn't writable by someone
 else...

 Someone else could actually delete the symlink and maybe recreate it...
 but they couldn't inject malicious commands into the .ghci unless the file
 pointed to by the symlink was also writable by the attacker, in which case
 checking the permissions of the target of the symlink would still prevent
 any wrongdoing.

-- 
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/8058>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
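
The check the report argues for, as an added example (not GHC's code and not part of the original ticket): resolve the symlink first, then test ownership and the group/other write bits on the target file and its directory. The function names and the temporary fixture layout are assumptions made for the illustration.

```python
import os
import stat
import tempfile

WRITABLE_BY_OTHERS = stat.S_IWGRP | stat.S_IWOTH


def lstat_flags_link(path):
    """Naive check: lstat() describes the link itself, not what it points to."""
    return bool(os.lstat(path).st_mode & WRITABLE_BY_OTHERS)


def audit_startup_file(path, uid=None):
    """Return a list of problems for the file that `path` resolves to."""
    uid = os.geteuid() if uid is None else uid
    target = os.path.realpath(path)  # follow every symlink in the chain
    problems = []
    for p in (os.path.dirname(target), target):
        st = os.stat(p)
        if st.st_uid != uid:
            problems.append(f"{p}: owned by uid {st.st_uid}")
        if st.st_mode & WRITABLE_BY_OTHERS:
            problems.append(f"{p}: writable by group or others")
    return problems


def build_fixture(file_mode=0o644, dir_mode=0o755):
    """Constructed layout: <tmp>/home/.ghci -> <tmp>/dotfiles/ghci.conf"""
    root = tempfile.mkdtemp()
    home = os.path.join(root, "home")
    dotfiles = os.path.join(root, "dotfiles")
    os.mkdir(home)
    os.mkdir(dotfiles)
    conf = os.path.join(dotfiles, "ghci.conf")
    with open(conf, "w") as f:
        f.write(":set +t\n")  # constructed sample content
    os.chmod(conf, file_mode)
    os.chmod(dotfiles, dir_mode)
    link = os.path.join(home, ".ghci")
    os.symlink(conf, link)
    return link, conf, dotfiles


if __name__ == "__main__":
    link, conf, _ = build_fixture()
    print("lstat on the link flags it:", lstat_flags_link(link))
    print("problems on the resolved target:", audit_startup_file(link))
    os.chmod(conf, 0o666)
    print("after chmod 666 on the target:", audit_startup_file(link))
```

A check on the path can still race with the later open; a stricter variant opens the file first and calls `os.fstat` on the descriptor it will actually read from.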



