#6017: Reading ./.ghci files raises security issues
---------------------------------+------------------------------------------
    Reporter:  nomeata           |       Owner:  pminten         
        Type:  task              |      Status:  patch           
    Priority:  high              |   Milestone:  7.8.1           
   Component:  GHCi              |     Version:  7.4.1           
    Keywords:                    |          Os:  Unknown/Multiple
Architecture:  Unknown/Multiple  |     Failure:  Other           
  Difficulty:  Unknown           |    Testcase:                  
   Blockedby:                    |    Blocking:                  
     Related:                    |  
---------------------------------+------------------------------------------

Comment(by igloo):

 Hmm, I think there are 5 things we might want to do with a .ghci file:
  1. Silently ignore it
  2. Silently execute it
  3. Warn the user that we are ignoring it
  4. Warn the user that we are executing it
  5. Ask the user what to do
 although I'm not sure (4) is useful. Presumably "ghci -v" would tell you
 anyway.

 Perhaps we should have a `~/.ghc/ghci.config` and `~/.ghc/ghc-e.config` in
 which you can say one of
 {{{
 evaluate-dot-ghci: no
 evaluate-dot-ghci: yes
 evaluate-dot-ghci: warn-no
 evaluate-dot-ghci: warn-yes
 evaluate-dot-ghci: ask
 }}}
 and likewise a way to white/blacklist particular paths in those files?
 Default should probably be warn-no, and perhaps when creating the file
 initially we should by default add an entry whitelisting ~/.ghci?

 If we have a way to whitelist filenames, it would be straightforward to
 allow filenames other than .ghci to be whitelisted, so for example you
 could whitelist "/foo/bar/ghci-config" if you wanted to have ghci commands
 with a non-dotfile filename in a project.

-- 
Ticket URL: <http://hackage.haskell.org/trac/ghc/ticket/6017#comment:6>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler

_______________________________________________
Glasgow-haskell-bugs mailing list
Glasgow-haskell-bugs@haskell.org
http://www.haskell.org/mailman/listinfo/glasgow-haskell-bugs
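
The policy proposed in the comment above, sketched as an added example; this is not code from GHC or from the ticket. The `whitelist:` and `blacklist:` keys, the rule that a blacklist entry wins, and the paths other than `/foo/bar/ghci-config` are assumptions made for illustration.

```python
import posixpath
from enum import Enum

class Mode(Enum):
    NO = "no"              # silently ignore
    YES = "yes"            # silently execute
    WARN_NO = "warn-no"    # warn, then ignore
    WARN_YES = "warn-yes"  # warn, then execute
    ASK = "ask"            # prompt the user

DEFAULT_MODE = Mode.WARN_NO  # default suggested in the comment

def normalise(path, home, cwd="/"):
    """Expand a leading ~ and make the path absolute (lexical only; symlinks are not resolved)."""
    if path == "~" or path.startswith("~/"):
        path = home + path[1:]
    return posixpath.normpath(posixpath.join(cwd, path))

def parse_config(text, home):
    """Return (mode, whitelist, blacklist); unknown keys or modes raise ValueError."""
    mode, allow, deny = DEFAULT_MODE, set(), set()
    for line in text.splitlines():
        if not line.strip():
            continue
        key, sep, value = (part.strip() for part in line.partition(":"))
        if not sep or not value:
            raise ValueError(f"malformed line: {line!r}")
        if key == "evaluate-dot-ghci":
            mode = Mode(value)
        elif key == "whitelist":   # hypothetical key
            allow.add(normalise(value, home))
        elif key == "blacklist":   # hypothetical key
            deny.add(normalise(value, home))
        else:
            raise ValueError(f"unknown key: {key!r}")
    return mode, allow, deny

def decide(script, config, home, cwd):
    """Pick the action for one candidate script; per-path lists override the global mode."""
    mode, allow, deny = config
    path = normalise(script, home, cwd)
    if path in deny:       # assumption: a blacklist entry beats everything
        return Mode.NO
    if path in allow:
        return Mode.YES
    return mode

# Constructed sample config, not taken from the ticket.
SAMPLE = """\
evaluate-dot-ghci: warn-no
whitelist: ~/.ghci
whitelist: /foo/bar/ghci-config
blacklist: /tmp/untrusted/.ghci
"""
```

Paths are compared after normalisation, so `./.ghci` is judged by the directory GHCi was started in rather than by its spelling.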
