
On Sun, Oct 06, 2019 at 11:24:50AM -0500, Vanessa McHale wrote:
> Does "cabal repl" work?

With "cabal new-repl" I see the unique directory created directly
under /tmp, with no fixed intermediate ancestor:

    drwx------  3 viktor  wheel  128 Oct  6 15:58 cabal-repl.-30676

this looks reasonably safe and should work fine on multi-user systems.
A system-call trace (with names for some predicted pids pre-created)
shows that the mkdir(2) starts at the process id, and retries on
failure with ++pid:

    30989: getpid() = 30989 (0x790d)
    30989: mkdir("/tmp/cabal-repl.-30989",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30990",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30991",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30992",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30993",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30994",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30995",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30996",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30997",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30998",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-30999",0700) ERR#17 'File exists'
    30989: mkdir("/tmp/cabal-repl.-31000",0700) = 0 (0x0)

So this can be DoSed by a determined hostile user, but if, as is
typical, there are no per-user quotas in /tmp, one can also just
consume all the available free space in /tmp, ...

Adding a second less predictable name component to the pid, (say
microsecond time, or a random number) is perhaps better, but not
very compelling.

With "cabal v1-repl", I didn't see any temp files created right away,
but after loading a module, I see:

    31288: mkdir("/tmp/ghc31288_0",0777) ERR#17 'File exists'
    31288: mkdir("/tmp/ghc31288_1",0777) ERR#17 'File exists'
    31288: mkdir("/tmp/ghc31288_2",0777) ERR#17 'File exists'
    31288: mkdir("/tmp/ghc31288_3",0777) ERR#17 'File exists'
    31288: mkdir("/tmp/ghc31288_4",0777) = 0 (0x0)

which is somewhat better than incrementing the pid.

--
    Viktor.
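
An added example, not part of the original message and not cabal's or GHC's code: the pid-incrementing mkdir(2) retry seen in the first trace, next to mkdtemp(3) as one way to get the less predictable name component the message mentions. The function names, the retry cap `max_tries` and the scratch directory are assumptions of this sketch; the trace itself shows no cap.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Scheme seen in the trace: mkdir("<base>/cabal-repl.-<n>", 0700) for n = pid,
 * pid+1, ... Returns the mkdir call count, or -1. max_tries is an assumed cap. */
int make_pid_dir(const char *base, long start, int max_tries, char *out, size_t len)
{
    for (int i = 0; i < max_tries; i++) {
        snprintf(out, len, "%s/cabal-repl.-%ld", base, start + i);
        if (mkdir(out, 0700) == 0)
            return i + 1;   /* fresh directory, created and owned by us */
        if (errno != EEXIST)
            return -1;      /* a real error: stop guessing names */
    }
    return -1;              /* every candidate name was already taken */
}

/* mkdtemp(3) replaces XXXXXX with random characters and creates the directory
 * with mode 0700 in one step, so the name cannot be predicted from the pid. */
int make_random_dir(const char *base, char *out, size_t len)
{
    snprintf(out, len, "%s/cabal-repl.XXXXXX", base);
    return mkdtemp(out) ? 0 : -1;
}

/* Constructed scenario inside a private scratch directory: `taken` names
 * starting at our own pid exist before the directory is requested. */
int demo(int taken, int max_tries, int use_random)
{
    char scratch[] = "/tmp/tmpdir-demo.XXXXXX", path[256];
    long pid = (long)getpid();
    if (!mkdtemp(scratch)) return -2;
    for (int i = 0; i < taken; i++) {
        snprintf(path, sizeof path, "%s/cabal-repl.-%ld", scratch, pid + i);
        if (mkdir(path, 0700) != 0) return -2;
    }
    return use_random ? make_random_dir(scratch, path, sizeof path)
                      : make_pid_dir(scratch, pid, max_tries, path, sizeof path);
}

int main(void)
{
    printf("pid scheme: %d mkdir calls; mkdtemp: %d\n", demo(11, 100, 0), demo(11, 0, 1));
    return 0;
}
```

With 11 names already present the pid scheme succeeds on its 12th mkdir, as in the trace; the scratch directories it creates under /tmp are left in place for inspection.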