If .ghci is a symlink, permissions aren't read correctly
dario@macbook ~> ls -l .ghci lrwxrwxrwx 1 dario dario 40 Jul 14 15:27 .ghci -> /home/dario/.dotfiles/dotfiles/ghci.conf dario@macbook ~> ls -l (readlink -f .ghci) -rw-r--r-- 1 dario dario 10 Jul 14 15:25 /home/dario/.dotfiles/dotfiles/ghci.conf dario@macbook ~> ghci GHCi, version 7.6.2: http://www.haskell.org/ghc/ :? for help Loading package ghc-prim ... linking ... done. Loading package integer-gmp ... linking ... done. Loading package base ... linking ... done.
- ** WARNING: /home/dario/.dotfiles/dotfiles is writable by someone else, IGNORING!
Prelude>
Obviously, /home/dario/.dotfiles/dotfiles isn't writable by someone else...
Someone else could actually delete the symlink and maybe recreate it... but it couldn't inject malicious commands in the .ghci, unless the file pointed by the symlink was also writable by the attacker, in which case, checking the permissions of the target of the symlink would still prevent any wrongdoing
Trac metadata
| Trac field | Value |
|---|---|
| Version | 7.6.2 |
| Type | Bug |
| TypeOfFailure | OtherFailure |
| Priority | low |
| Resolution | Unresolved |
| Component | GHCi |
| Test case | |
| Differential revisions | |
| BlockedBy | |
| Related | |
| Blocking | |
| CC | |
| Operating system | |
| Architecture |