Problem with .ghci (fwd)

Chris Webb chris@arachsys.com
11 Jul 2001 09:31:28 +0100


"Simon Peyton-Jones" <simonpj@microsoft.com> writes:

> | explicitly tell ghci that they're okay! Hand-holding w.r.t. 
> | 'insecure' file permissions has a nasty habit of becoming a 
> | nuisance in unusual cases the original authors hadn't thought of. :-(
> 
> Constructive suggestions for how to improve are welcome.
> What we are trying to avoid is obvious trojan horses, where
> X can persuade Y's ghci to do rm *.*.   This is bad.

Quite. I don't think there is a solution that's going to work everywhere
and the current version is simple and effective for most people. I fixed
my InteractiveUI.hs to ignore g+w if the group that owns the file is my
group, but that's completely wrong at sites which have some users in
shared groups. I guess there's no reliable general test for a UPG except
with local knowledge. There's certainly no fix for the shared directory
situation that isn't also going to let dubious .ghci files through
elsewhere.

Unfortunately I can't think of any better option than to leave it as it
is with a note in the manual indicating the default permissions-checking
behaviour is and where to look in the source to change it if necessary.

Cheers,
Chris.