* bug#18477: Bug#758971: byte-compiled files have wrong permissions
From: Rob Browning @ 2014-09-14 21:33 UTC
To: 18477; +Cc: 758971, 758971-forwarded, Rand Peters

[If possible, please preserve the -forwarded address in any replies.]

I suspect this should be fixed, if it hasn't been already.

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758971

Thanks

Rand Peters <rwpeters@yandex.com> writes:

> Package: guile-2.0
> Version: 2.0.11+1-1
> Tags: security
>
> Guile automatically byte-compiles programs when they are run, and
> places the byte-compiled file in a subdirectory of
> $HOME/.cache/guile/.
>
> However, the permissions of the byte-compiled file are derived from
> umask rather than the permissions of the source file. This means that
> sensitive data (e.g. a hard-coded password) contained in a source file
> with restrictive permissions will be copied into a byte-compiled file
> that may be world-readable.
>
> Guile should ensure that the permissions of byte-compiled files match
> those of the source.
>
> Example:
>
> $ touch myscript
>
> $ chmod 700 myscript # source file readable only to owner
>
> $ cat >> myscript <<'EOF'
> #!/usr/bin/guile \
> -e main -s
> !#
>
> (define secret-password "DEADBEEFDEADBEEF")
>
> (define (main args)
>   (display "this program contains an embedded secret")
>   (newline))
> EOF
>
> $ ./myscript
> ;;; note: auto-compilation is enabled, set GUILE_AUTO_COMPILE=0
> ;;; or pass the --no-auto-compile argument to disable.
> ;;; compiling /home/rwp/./myscript
> ;;; compiled /home/rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
> this program contains an embedded secret
>
> $ ls -l ~rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
> -rw-r--r-- 1 rwp rwp 456 Jul 1 12:00 /home/[...]/myscript.go
>
> # ^^ Note that the byte-compiled file is world-readable
>
> $ strings ~rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
> [...]
> DEADBEEFDEADBEEF
> secret-password
> [...]

--
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
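
An audit for the condition reported above, as an added example (not part of the thread and not Guile's own code): it maps each cached `.go` file back to its source using the `ccache/<version>/<absolute source path>.go` layout visible in the report's output, and flags compiled files that grant permission bits the source does not. The function names, the `source_root` and `fix` parameters, and the temporary sample tree are assumptions made for the example.

```python
import os
import stat
import tempfile

def audit_guile_cache(ccache_root, source_root="/", fix=False):
    """Return (compiled, source, cmode, smode) for files granting bits the source lacks."""
    findings = []
    for version in sorted(os.listdir(ccache_root)):
        vdir = os.path.join(ccache_root, version)
        if not os.path.isdir(vdir):
            continue
        for dirpath, _dirs, files in os.walk(vdir):
            for name in files:
                compiled = os.path.join(dirpath, name)
                if not name.endswith(".go") or os.path.islink(compiled):
                    continue
                # Layout seen in the report: <ccache>/<version>/<abs source path>.go
                rel = os.path.relpath(compiled, vdir)[:-len(".go")]
                source = os.path.join(source_root, rel)
                try:
                    smode = stat.S_IMODE(os.stat(source).st_mode)
                except OSError:
                    continue  # source missing or unreadable: nothing to compare
                cmode = stat.S_IMODE(os.stat(compiled).st_mode)
                if cmode & ~smode:
                    findings.append((compiled, source, cmode, smode))
                    if fix:
                        # Assumed remediation: keep only bits the source also has
                        os.chmod(compiled, cmode & smode)
    return findings

def demo():
    """Rebuild the report's case (source 0700, compiled 0644) in a temp tree."""
    with tempfile.TemporaryDirectory() as tmp:
        src_root, ccache = os.path.join(tmp, "root"), os.path.join(tmp, "ccache")
        src = os.path.join(src_root, "home/rwp/myscript")
        out = os.path.join(ccache, "2.0-LE-4-2.0/home/rwp/myscript.go")
        for path, mode in ((src, 0o700), (out, 0o644)):
            os.makedirs(os.path.dirname(path))
            with open(path, "w") as fh:
                fh.write("constructed sample, not real bytecode\n")
            os.chmod(path, mode)
        found = audit_guile_cache(ccache, src_root, fix=True)
        flagged = [(oct(c), oct(s)) for _c, _s, c, s in found]
        return flagged, oct(stat.S_IMODE(os.stat(out).st_mode))

if __name__ == "__main__":
    print(demo())
```

Against a real account, call `audit_guile_cache(os.path.expanduser("~/.cache/guile/ccache"))` and review the findings before passing `fix=True`.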

* bug#18477: byte-compiled files have wrong permissions
From: Matt Wette @ 2016-02-10 1:39 UTC
To: 18477

Comment: Does a fix of this bug imply that permissions on each directory in the trail to compiled files should reflect the permissions on the trail to the source file?

* bug#18477: Bug#758971: byte-compiled files have wrong permissions
From: Andy Wingo @ 2016-06-21 16:06 UTC
To: Rob Browning; +Cc: 18477-done, 758971, 758971-forwarded, Rand Peters

Fixed in 2.0 and the 2.2 prerelease.

Thanks!

Andy

On Sun 14 Sep 2014 23:33, Rob Browning <rlb@defaultvalue.org> writes:

> [If possible, please preserve the -forwarded address in any replies.]
>
> I suspect this should be fixed, if it hasn't been already.
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758971
>
> Thanks
>
> Rand Peters <rwpeters@yandex.com> writes:
>
>> Package: guile-2.0
>> Version: 2.0.11+1-1
>> Tags: security
>>
>> Guile automatically byte-compiles programs when they are run, and
>> places the byte-compiled file in a subdirectory of
>> $HOME/.cache/guile/.
>>
>> However, the permissions of the byte-compiled file are derived from
>> umask rather than the permissions of the source file. This means that
>> sensitive data (e.g. a hard-coded password) contained in a source file
>> with restrictive permissions will be copied into a byte-compiled file
>> that may be world-readable.
>>
>> Guile should ensure that the permissions of byte-compiled files match
>> those of the source.
>>
>> Example:
>>
>> $ touch myscript
>>
>> $ chmod 700 myscript # source file readable only to owner
>>
>> $ cat >> myscript <<'EOF'
>> #!/usr/bin/guile \
>> -e main -s
>> !#
>>
>> (define secret-password "DEADBEEFDEADBEEF")
>>
>> (define (main args)
>>   (display "this program contains an embedded secret")
>>   (newline))
>> EOF
>>
>> $ ./myscript
>> ;;; note: auto-compilation is enabled, set GUILE_AUTO_COMPILE=0
>> ;;; or pass the --no-auto-compile argument to disable.
>> ;;; compiling /home/rwp/./myscript
>> ;;; compiled /home/rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
>> this program contains an embedded secret
>>
>> $ ls -l ~rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
>> -rw-r--r-- 1 rwp rwp 456 Jul 1 12:00 /home/[...]/myscript.go
>>
>> # ^^ Note that the byte-compiled file is world-readable
>>
>> $ strings ~rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
>> [...]
>> DEADBEEFDEADBEEF
>> secret-password
>> [...]