ghci and user private groups
Jason Dusek
jason.dusek at gmail.com
Wed Dec 3 01:46:16 EST 2008
Duncan Coutts <duncan.coutts at worc.ox.ac.uk> wrote:
> Jason Dusek wrote:
> > I appreciate what you guys are trying to do, but I at the
> > very least, it should be permitted to use a GHCi that is
> > group readable/writable as long as the group name and user
> > name are the same.
>
> Hmm. That's a convention but it doesn't have any particular
> semantics in unix security.
It is a common convention, of great practical value.
Unfortunately, UNIX security is very much a matter of
conventions.
> If it really is only you in that group then why does it need
> to be group writable? Isn't that the simple workaround?
It is not abnormal to have a umask of 00x when using user
private groups, the idea being, when you are actually in a
public folder with public ownership, the permissions will be
set correctly for collaborators. With this umask, all
temporary '.ghci' files are created with permissions that are
incompatible with GHCi.
> I'm not sure they can do away with it completely. The problem
> of course is that some other user could drop a .ghci file and
> run arbitrary IO actions as you.
I appreciate that, in the general case, a malicious person
could place '.ghci' files in random places all over the
filesystem, hoping someone will be so unlucky as to start a
GHCi session there. User private groups do provide a way to
avert this danger -- check that the only member of the owning
group is the active user -- so there is no need to worry in
that specific case. (Or is there? I will think about it for a
spell, but I am pretty sure.)
--
_jsn
More information about the Glasgow-haskell-users
mailing list