* "BENNETT,ANDY (HP-Unitedkingdom,ex1)" <[EMAIL PROTECTED]> [2001-04-27T15:10+0100]:
> While I agree that there is a potential security hole, I think it is
> something that you could possibly tackle with the OS security mechanisms. I
> don't know much about Windows, or other Unix platforms, but if they are the
> same as HP-UX doing the following will let you have a group writable
> directory, with a .ghci only modifiable by the owner (and not deletable or
> renamable either). Make sure the permissions on things are as follows:
[...]
> No one other than the user (owner) may touch the contents of the file then
> even though others may use the directory.

The problem is with directories like /tmp, or more generally
directories, which are not under the user's immediate control.

  $ echo ':! some-evil-script.sh' > /tmp/.ghci

Then wait, until somebody steps into the booby trap: if one cd's to
/tmp and executes ghci (to test stuff, for example; I do this
frequently) there the script gets executed. I think that was
Michal's original point.

BTW: not allowing :! isn't enough, you can still use other tricks to
(over)write files or even start programs...

So, I think a safe solution is to ensure that the .ghci file belongs
to the user. Checking for decent permissions would increase security,
but well, IMO it's the user's fault if he creates a 777 .ghci :-P

Cheers,
Michael
--
() ASCII ribbon campaign | Chair for Computer Science II | GPG: F65C68CD
/\ against HTML mail | RWTH Aachen, Germany | PGP: 1D0DD0B9
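
The check proposed in the message above (load a .ghci only if it belongs to the user, and optionally refuse one that others can write), sketched in Python as an added example; it is not code from this thread or from GHC. The function name, the verdict strings and the symlink/FIFO handling are assumptions of the example.

```python
import os
import stat
import tempfile

def load_startup_file(path, uid=None):
    """Return (text, verdict); text is None unless every check passed."""
    uid = os.geteuid() if uid is None else uid
    try:
        # O_NOFOLLOW refuses a symlink; O_NONBLOCK keeps a planted FIFO
        # from blocking the open.
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
    except OSError as exc:
        return None, "cannot open: " + os.strerror(exc.errno)
    try:
        # fstat the open descriptor so the file checked is the file read.
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            return None, "not a regular file"
        if st.st_uid != uid:
            return None, "owned by another user"
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return None, "writable by group or others"
        chunks = []
        while True:
            chunk = os.read(fd, 65536)
            if not chunk:
                break
            chunks.append(chunk)
        return b"".join(chunks).decode("utf-8", "replace"), "ok"
    finally:
        os.close(fd)

if __name__ == "__main__":
    # Constructed demo: a private directory stands in for /tmp.
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, ".ghci")
        with open(path, "w") as f:
            f.write(":! some-evil-script.sh\n")  # contents from the mail above
        os.chmod(path, 0o644)
        print("own file, 0644:    ", load_startup_file(path)[1])
        os.chmod(path, 0o777)
        print("own file, 0777:    ", load_startup_file(path)[1])
        # Simulate a file planted by someone else by expecting another uid.
        os.chmod(path, 0o644)
        print("foreign-owned file:", load_startup_file(path, os.geteuid() + 1)[1])
```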