subject:"\[GHC\] #5269\: RTS flag decoding broken"

Re: [GHC] #5269: RTS flag decoding broken

2011-06-27 Thread GHC

#5269: RTS flag decoding broken
-+--
Reporter:  augustss  |   Owner:
Type:  bug   |  Status:  new   
Priority:  normal|   Component:  Runtime System
 Version:  7.0.4 |Keywords:
Testcase:|   Blockedby:
  Os:  Unknown/Multiple  |Blocking:
Architecture:  Unknown/Multiple  | Failure:  None/Unknown  
-+--
Changes (by PHO):

 * cc: pho@… (added)


-- 
Ticket URL: http://hackage.haskell.org/trac/ghc/ticket/5269#comment:1
GHC http://www.haskell.org/ghc/
The Glasgow Haskell Compiler

___
Glasgow-haskell-bugs mailing list
Glasgow-haskell-bugs@haskell.org
http://www.haskell.org/mailman/listinfo/glasgow-haskell-bugs

Re: [GHC] #5269: RTS flag decoding broken

2011-06-27 Thread GHC

#5269: RTS flag decoding broken
-+--
  Reporter:  augustss|  Owner:  
  Type:  bug | Status:  closed  
  Priority:  normal  |  Milestone:  
 Component:  Runtime System  |Version:  7.0.4   
Resolution:  wontfix |   Keywords:  
  Testcase:  |  Blockedby:  
Difficulty:  | Os:  Unknown/Multiple
  Blocking:  |   Architecture:  Unknown/Multiple
   Failure:  None/Unknown|  
-+--
Changes (by simonmar):

  * status:  new = closed
  * resolution:  = wontfix


Comment:

 I sympathise.  But the basic problem is that when used as a CGI script,
 the command-line arguments come from an untrusted source, and most people
 wouldn't know that they need to use `-no-rtsopts` with CGI.  Furthermore
 the consequences could be disastrous, so I don't think we had much choice
 here - placing the responsibility on the user to close a security hole
 explicitly with an obscure flag is just wrong.

 See also #3910.

-- 
Ticket URL: http://hackage.haskell.org/trac/ghc/ticket/5269#comment:2
GHC http://www.haskell.org/ghc/
The Glasgow Haskell Compiler

___
Glasgow-haskell-bugs mailing list
Glasgow-haskell-bugs@haskell.org
http://www.haskell.org/mailman/listinfo/glasgow-haskell-bugs

[GHC] #5269: RTS flag decoding broken

2011-06-23 Thread GHC

#5269: RTS flag decoding broken
-+--
Reporter:  augustss  |   Owner:
Type:  bug   |  Status:  new   
Priority:  normal|   Component:  Runtime System
 Version:  7.0.4 |Keywords:
Testcase:|   Blockedby:
  Os:  Unknown/Multiple  |Blocking:
Architecture:  Unknown/Multiple  | Failure:  None/Unknown  
-+--
 Some misguided security paranoia seems to have turned off a lot of the
 flag decoding done by the RTS, unless the program is compile with
 {{{-rtsopts}}}.  This is very annoying, because for 99% of the use cases
 you want the flag decoding on.  You should cater for the common case, not
 the uncommon case.  So my suggestion is to make {{{-rtsopts}}} the
 default, and have a flag to turn it off.

-- 
Ticket URL: http://hackage.haskell.org/trac/ghc/ticket/5269
GHC http://www.haskell.org/ghc/
The Glasgow Haskell Compiler

___
Glasgow-haskell-bugs mailing list
Glasgow-haskell-bugs@haskell.org
http://www.haskell.org/mailman/listinfo/glasgow-haskell-bugs

Re: [GHC] #5269: RTS flag decoding broken

Re: [GHC] #5269: RTS flag decoding broken

[GHC] #5269: RTS flag decoding broken

3 matches

Site Navigation

Mail list logo

Footer information