#8058: If .ghci is a symlink, permissions aren't read correctly -------------------------------+------------------------------------------- Reporter: berdario | Owner: Type: bug | Status: closed Priority: low | Milestone: Component: GHCi | Version: 7.6.2 Resolution: invalid | Keywords: Operating System: | Architecture: Unknown/Multiple Unknown/Multiple | Difficulty: Easy (less than 1 hour) Type of failure: Other | Blocked By: Test Case: | Related Tickets: Blocking: | -------------------------------+------------------------------------------- Changes (by leroux): * status: new => closed * resolution: => invalid Comment: Reformatted output from berdario: {{{ $ ls -l .ghci lrwxrwxrwx 1 dario dario 40 Jul 14 15:27 .ghci -> /home/dario/.dotfiles/dotfiles/ghci.conf $ ls -l (readlink -f .ghci) -rw-r--r-- 1 dario dario 10 Jul 14 15:25 /home/dario/.dotfiles/dotfiles/ghci.conf $ ghci GHCi, version 7.6.2: http://www.haskell.org/ghc/ :? for help Loading package ghc-prim ... linking ... done. Loading package integer-gmp ... linking ... done. Loading package base ... linking ... done. * WARNING: /home/dario/.dotfiles/dotfiles is writable by someone else, IGNORING! Prelude> }}} The attacker could symlink `.ghci` to another file which has malicious code. ---- Output from my system: {{{ $ ls -l .ghci lrwxr-xr-x 1 leroux staff 44 Jul 30 10:02 .ghci -> /Users/leroux/.dotfiles/haskell/ghci.symlink $ ls -l `readlink .ghci` -rwxr-x--- 1 leroux staff 338 Sep 22 18:59 /Users/leroux/.dotfiles/haskell/ghci.symlink }}} ---- Fix: {{{ $ chmod 755 .ghci }}} -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8058#comment:2 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler