Problem with .ghci (fwd)

Chris Webb chris@arachsys.com
11 Jul 2001 00:00:37 +0100


Michael Weber <michaelw@foldr.org> writes:

> On Tue, Jul 10, 2001 at 19:54:11 +0100, Chris Webb wrote:
> > Jose Emilio Labra Gayo <labra@pinon.ccu.uniovi.es> writes:
> > 
> > > However, if I write my own ".ghci", I obtain:
> > [...]
> > > *** WARNING: ./.ghci is writable by someone else, IGNORING!
> 
> > If doing this annoys you too much, I guess you could easily fix the
> > checkPerms function (somewhere around line 200 of InteractiveUI.hs)
> > to understand that if you're the only member of a group, it doesn't
> > matter whether or not g+w is set.
> 
> erm, how about leaving this intact and setting the umask instead to
> 022? There was a reason to stick this code there...

I'm aware of the intent behind the check, which is why I suggested the
poster hack his local ghci to be aware of the (popular) special case
rather than removing the code altogether. There are no security issues
in allowing g+w if and only if the file group is the user's private
group that aren't also problems with the original check. Varying a
perfectly sensible local policy to suit the over-enthusiastic
permissions checks of a particular piece of software isn't really a nice
solution!

In practice this test is also broken in the context of source
directories shared between different users, which is where it bit me.
You might already be running code written by others and hence
deliberately trusting them completely, but there's no way to use the
shared .ghci files---you can't even explicitly tell ghci that they're
okay! Hand-holding w.r.t. 'insecure' file permissions has a nasty habit
of becoming a nuisance in unusual cases the original authors hadn't
thought of. :-(

Cheers,
Chris.