ghci and user private groups

Jason Dusek jason.dusek at
Wed Dec 3 01:46:16 EST 2008

Duncan Coutts <duncan.coutts at> wrote:
> Jason Dusek wrote:
> > I appreciate what you guys are trying to do, but I at the
> > very least, it should be permitted to use a GHCi that is
> > group readable/writable as long as the group name and user
> > name are the same.
> Hmm. That's a convention but it doesn't have any particular
> semantics in unix security.

  It is a common convention, of great practical value.
  Unfortunately, UNIX security is very much a matter of

> If it really is only you in that group then why does it need
> to be group writable? Isn't that the simple workaround?

  It is not abnormal to have a umask of 00x when using user
  private groups, the idea being, when you are actually in a
  public folder with public ownership, the permissions will be
  set correctly for collaborators. With this umask, all
  temporary '.ghci' files are created with permissions that are
  incompatible with GHCi.

> I'm not sure they can do away with it completely. The problem
> of course is that some other user could drop a .ghci file and
> run arbitrary IO actions as you.

  I appreciate that, in the general case, a malicious person
  could place '.ghci' files in random places all over the
  filesystem, hoping someone will be so unlucky as to start a
  GHCi session there. User private groups do provide a way to
  avert this danger -- check that the only member of the owning
  group is the active user -- so there is no need to worry in
  that specific case. (Or is there? I will think about it for a
  spell, but I am pretty sure.)


More information about the Glasgow-haskell-users mailing list