Package: guile-2.0
Version: 2.0.11+1-1
Tags: security

Guile automatically byte-compiles programs when they are run, and places the byte-compiled file in a subdirectory of $HOME/.cache/guile/.

However, the permissions of the byte-compiled file are derived from the umask rather than from the permissions of the source file. This means that sensitive data (e.g. a hard-coded password) contained in a source file with restrictive permissions will be copied into a byte-compiled file that may be world-readable. Guile should ensure that the permissions of byte-compiled files match those of the source.

Example:

$ touch myscript
$ chmod 700 myscript   # source file readable only to owner
$ cat >> myscript <<'EOF'
#!/usr/bin/guile \
-e main -s
!#
(define secret-password "DEADBEEFDEADBEEF")
(define (main args)
  (display "this program contains an embedded secret")
  (newline))
EOF
$ ./myscript
;;; note: auto-compilation is enabled, set GUILE_AUTO_COMPILE=0
;;; or pass the --no-auto-compile argument to disable.
;;; compiling /home/rwp/./myscript
;;; compiled /home/rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
this program contains an embedded secret
$ ls -l ~rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
-rw-r--r-- 1 rwp rwp 456 Jul 1 12:00 /home/[...]/myscript.go
# ^^ Note that the byte-compiled file is world-readable
$ strings ~rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
[...]
DEADBEEFDEADBEEF
secret-password
[...]
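The following audit script is an added example, not part of the bug report or of Guile itself. It walks a ccache directory, maps each compiled .go file back to its source by the mirrored absolute path shown in the session above, reports cache files that grant permission bits the source does not, and can tighten them to the source's mode as a workaround until Guile does this itself. The ccache layout assumed (one ABI directory such as 2.0-LE-4-2.0 containing the mirrored path) is taken from the transcript; the demo scenario it builds is constructed.

```python
"""Audit a Guile ccache for byte-compiled files more readable than their source."""
import os
import stat
import tempfile
from pathlib import Path


def mode_of(path):
    """Permission bits (0o777 mask) of a file."""
    return stat.S_IMODE(os.stat(path).st_mode)


def find_overexposed(ccache):
    """Return (compiled, source, compiled_mode, source_mode, extra_bits) tuples.

    Guile mirrors the absolute source path below the per-ABI directory, so
    <ccache>/2.0-LE-4-2.0/home/rwp/myscript.go was compiled from /home/rwp/myscript.
    extra_bits are permission bits present on the cache file but not on the source.
    """
    findings = []
    for abi_dir in (d for d in Path(ccache).iterdir() if d.is_dir()):
        for compiled in abi_dir.rglob("*.go"):
            rel = compiled.relative_to(abi_dir)
            source = Path("/") / rel.parent / rel.name[:-len(".go")]
            if not source.is_file():
                continue  # source gone, nothing to compare against
            cmode, smode = mode_of(compiled), mode_of(source)
            extra = cmode & ~smode & 0o777
            if extra:
                findings.append((compiled, source, cmode, smode, extra))
    return findings


def tighten(findings):
    """Workaround: drop the excess bits so the cache file matches its source."""
    for compiled, _source, cmode, smode, _extra in findings:
        os.chmod(compiled, cmode & smode)


def build_demo_cache():
    """Constructed scenario from the report: 0700 source, 0644 compiled copy."""
    tmp = Path(tempfile.mkdtemp())
    source = tmp / "myscript"
    source.write_text('(define secret-password "DEADBEEFDEADBEEF")\n')
    os.chmod(source, 0o700)
    compiled = tmp / "ccache" / "2.0-LE-4-2.0" / (str(source.relative_to("/")) + ".go")
    compiled.parent.mkdir(parents=True)
    compiled.write_bytes(b"GOOF\x00DEADBEEFDEADBEEF")  # stand-in for real bytecode
    os.chmod(compiled, 0o644)  # what a 022 umask produces
    return tmp / "ccache", source, compiled


if __name__ == "__main__":
    for c, s, cm, sm, extra in find_overexposed(Path.home() / ".cache/guile/ccache"):
        print(f"{c}: {cm:04o} but source {s} is {sm:04o} (extra {extra:04o})")
```

Run it with no arguments to audit your own $HOME/.cache/guile/ccache; pass its findings to tighten() to apply the workaround.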

