[Haskell-cafe] Problematic fixed "stack ghci" temporary script (parent) directory

Viktor Dukhovni ietf-dane at dukhovni.org
Sun Oct 6 20:21:56 UTC 2019 

On Sun, Oct 06, 2019 at 11:24:50AM -0500, Vanessa McHale wrote:

> Does "cabal repl" work?

With "cabal new-repl" I see the unique directory created directly under /tmp,
with no fixed intermediate ancestor:

    drwx------  3 viktor  wheel         128 Oct  6 15:58 cabal-repl.-30676

this looks reasonably safe and should work fine on multi-user systems.

A system-call trace (with names for some predicted pids pre-created)
shows that the mkdir(2) starts at the process id, and retries on
failure with ++pid:

    30989: getpid()                                  = 30989 (0x790d)
    30989: mkdir("/tmp/cabal-repl.-30989",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30990",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30991",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30992",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30993",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30994",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30995",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30996",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30997",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30998",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30999",0700)      ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-31000",0700)      = 0 (0x0)

So this can be DoSed by a determined hostile user, but if, as is
typical, there are no per-user quotas in /tmp, one can also just
consume all the available free space in /tmp, ...

Adding a second less predictable name component to the pid, (say
microsecond time, or a random number) is perhaps better, but not
very compelling.

With "cabal v1-repl", I did't see any temp files created right away,
but after loading a module, I see:

    31288: mkdir("/tmp/ghc31288_0",0777)             ERR#17 'File exists'
    31288: mkdir("/tmp/ghc31288_1",0777)             ERR#17 'File exists'
    31288: mkdir("/tmp/ghc31288_2",0777)             ERR#17 'File exists'
    31288: mkdir("/tmp/ghc31288_3",0777)             ERR#17 'File exists'
    31288: mkdir("/tmp/ghc31288_4",0777)             = 0 (0x0)

which is somewhat better than incrementing the pid.
 
-- 
	Viktor.

More information about the Haskell-Cafe mailing list