[GHC] #8248: GHCi should not warn if group writable

#8248: GHCi should not warn if group writable
----------------------------+----------------------------------------------
Reporter: afcowie | Owner:
Type: bug | Status: new
Priority: normal | Milestone:
Component: GHCi | Version: 7.6.3
Keywords: | Operating System: Linux
Architecture: | Type of failure: GHC rejects valid program
Unknown/Multiple | Test Case:
Difficulty: Unknown | Blocking:
Blocked By: | Related Tickets:
----------------------------+----------------------------------------------

Any number of Linux distros support the idea of user groups, whereby when a new user is created there is also simultaneously a group created with the same name; ie, instead of

{{{
-rw-r--r--. 1 andrew users 19 Sep 5 08:29 ghci.conf
}}}

as us old traditionalists would have it, you get

{{{
-rw-rw-r--. 1 andrew andrew 19 Sep 5 08:29 ghci.conf
}}}

because the umask in such cases is 0002 instead of 0022. There is entirely nothing unusual or incorrect about this approach, and it is followed, for example, in the Fedora family of distros.

GHC, however, is being a bit silly in emitting the following:

{{{
$ ghci
GHCi, version 7.6.3: http://www.haskell.org/ghc/ :? for help
Loading package ghc-prim ... linking ... done.
Loading package integer-gmp ... linking ... done.
Loading package base ... linking ... done.
*** WARNING: /home/andrew/.ghc/ghci.conf is writable by someone else, IGNORING!
Prelude>
}}}

Foremost the fact that the file is group writable is not a problem and the user's choice, //particularly// in this case because it's group writable in the user's group! Regardless of that, GHCi should not be ignoring files with other than 0644 permissions; this isn't `.ssh/`.

Can this check and attendant behaviour be removed?

AfC

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248
GHC http://www.haskell.org/ghc/
The Glasgow Haskell Compiler

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:1

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Changes (by thomie):

 * cc: hvr (added)

Comment:

Previous discussion:
http://comments.gmane.org/gmane.comp.lang.haskell.glasgow.user/1690
https://www.haskell.org/pipermail/haskell-cafe/2010-December/087078.html

I'm not sure what to do. You mention "when a new user is created there is also simultaneously a group created with the same name". Isn't it possible for other users to also be a member of that group (and even that the user owner isn't: user andrew doesn't need to be a member of group andrew)?

Note: file permissions of `~/.pythonrc.py` are not checked at all.

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:2

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Changes (by thomie):

 * cc: mboes (added)
 * related: => #9324

Comment:

cc mboes, since he was the last one to touch this code, and maybe has an opinion.

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:3

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Comment (by hvr):

IMHO, `.ghci` is comparable to `.bash_profile`/`.bashrc` et al, in that it allows code to be injected if not properly protected against users.

Otoh, maybe we could define a magic comment to be placed at the start of `.ghci` to disregard this protection. E.g. something simple as

{{{
-- insecure
:set ...
:def ...
}}}

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:4

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Comment (by mboes):

This check used to make GHCi way too fussy, but I'm quite happy with the current compromise (check is ignored when providing -ghci-script explicitly, or when user is root). Perhaps just improve the warning message to explain to the user exactly what is making GHCi unhappy and how to fix it? A umask of 002 only affects the default permissions, but it's easy enough for the user to chmod to something known to be safe.

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:5

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Comment (by thomie):

> Perhaps just improve the warning message to explain to the user exactly what is making GHCi unhappy and how to fix it?

Improving the current warning is certainly a good idea. For a discussion to make reading of .ghci files even stricter, see #6017.

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:6

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Changes (by thomie):

 * keywords: => newcomer

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:7

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Comment (by whisky):

I'm taking a look at this bug. Would it suffice to include a comment to chmod 644 the .ghci file? I've tested it out and it works fine on my local machine after running the command.

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:8

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Changes (by whisky):

 * owner: => whisky

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:9

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Changes (by thomie):

 * status: new => patch
 * differential: => Phab:D805
 * milestone: => 7.12.1

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:10

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Comment (by afcowie):

Of course the user can use chmod. The point is they shouldn't have to. If they (or their distro) chooses to make the file group writable, it's not an increased attack surface. You're just screwing the user.

AfC

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:11

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable
-------------------------------------+-------------------------------------
Reporter: afcowie | Owner: whisky
Type: bug | Status: patch
Priority: normal | Milestone: 7.12.1
Component: GHCi | Version: 7.6.3
Resolution: | Keywords: newcomer
Operating System: Linux | Architecture:
Type of failure: GHC rejects | Unknown/Multiple
valid program | Test Case:
Blocked By: | Blocking:
Related Tickets: #9324 | Differential Revisions: Phab:D805
-------------------------------------+-------------------------------------
Comment (by Thomas Miedema

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Changes (by thomie):

 * keywords: newcomer =>
 * status: patch => closed
 * resolution: => wontfix

Comment:

afcowie: I don't think there is a consensus to remove the current check. Please use #6017 for further discussion.

For reference, this feature was introduced 14 years ago, in commit dfbbfedc7e68d3095a37e4359b69eccc27e5398c:

{{{
Author: simonmar <unknown>
Date: Fri May 4 14:56:53 2001 +0000

[project @ 2001-05-04 14:56:53 by simonmar]
- only read ~/.ghci if it is owned by the current user and isn't
  writable by anyone else.

- Only read ./.ghci if both . and ./.ghci are owned by the current
  user and aren't writable by anyone else.

I think this is sufficient: we don't need to check .. and ../.. etc.
because "." always refers to the same directory while a process is
running.

...
}}}

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:13
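Added example, not GHC's code and not part of the ticket: a Python model of the rule in the commit message quoted above (owner must be the current user, no group or other write bit, and for `./.ghci` the same for the containing directory). The function names are hypothetical; each failure is reported with a chmod fix, along the lines of the improved warning suggested in comment 5.

```python
import os
import stat
import tempfile

def perm_problems(path, uid=None):
    """Reasons `path` fails the rule: owned by `uid`, no group/other write bit."""
    uid = os.getuid() if uid is None else uid
    st = os.stat(path)  # follows symlinks, so the target is what gets checked
    problems = []
    if st.st_uid != uid:
        problems.append(f"{path}: owned by uid {st.st_uid}, expected uid {uid}")
    # Mode bits cannot show who belongs to gid st_gid, so a "private" group
    # is treated like any other group.
    if st.st_mode & stat.S_IWGRP:
        problems.append(f"{path}: group-writable (gid {st.st_gid}); fix: chmod g-w")
    if st.st_mode & stat.S_IWOTH:
        problems.append(f"{path}: world-writable; fix: chmod o-w")
    return problems

def may_load_script(path, check_dir=False, uid=None):
    """Return (allowed, problems). check_dir=True models the ./.ghci case,
    where the containing directory must pass the same rule."""
    problems = []
    if check_dir:
        problems += perm_problems(os.path.dirname(os.path.abspath(path)), uid)
    problems += perm_problems(path, uid)
    return (not problems, problems)

def demo():
    """Run the check on a constructed script under several modes."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        os.chmod(d, 0o755)
        script = os.path.join(d, ".ghci")
        with open(script, "w") as f:
            f.write(':set prompt "> "\n')  # constructed sample content
        for mode in (0o644, 0o664, 0o666):  # 0o664 is what umask 0002 yields
            os.chmod(script, mode)
            results[oct(mode)] = may_load_script(script, check_dir=True)
        os.chmod(script, 0o644)
        os.chmod(d, 0o775)  # safe file inside a group-writable directory
        results["dir 0o775"] = may_load_script(script, check_dir=True)
    return results

if __name__ == "__main__":
    for label, (ok, problems) in demo().items():
        print(label, "load" if ok else "ignore", problems)
```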

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Changes (by thoughtpolice):

 * milestone: 7.12.1 => 7.10.2

Comment:

I went ahead and picked this into the `ghc-7.10` branch; see 53f723589819f5e232d2333a993a4d0341702dc4.

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:14

#8248: GHCi should not fail to honour ghci.conf or .ghci if group writable

Comment (by anohigisavay):

I just got hit by this issue. I have been using ACL for more granular permission control. I created two users to access different desktop environments to avoid certain conflict issues, while essentially they are the same user and should be able to access each other's home directory without any problem.

When ACL is enabled the group permission bits in the traditional UGO mechanism act as the mask for ACL (i.e. the maximum available permission for ACL_USER, ACL_GROUP_OBJ and ACL_GROUP). Thus it must be set to `rw-` instead of `r--`. This limitation renders ACL ineffective for the home directory.

While it is obviously overkill for GHCi to consider all these security enhancement mechanisms (SELinux and others also exist), I suggest we can leave the choice between security and flexibility to the users.

--
Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8248#comment:15