GHCi by default opens .ghci files in local directories.
During a discussion on IRC I learned that ghci still opens .ghci in local directories by default (I think I raised this issue before). This means that if I'm looking through the source of an untrusted Haskell repo I can get my machine owned by simply running ghci. Now for simple shell use I could solve this by aliasing ghci to ghci -ignore-dot-files -ghci-script ~/.ghci, but there are a lot of editor/IDE tools that also run ghci that wouldn't use this alias.
Some sensible solutions that spring to mind are:
- Only load `~/.ghci` by default and add a flag that enables scanning local files.
- Adding `ghci` commands to enable/disable loading local `.ghci` files in the ghci prompt and change the load order of `.ghci` files so that `~/.ghci` loads first and can enable/disable loading local files.
Trac metadata
| Trac field | Value |
|---|---|
| Version | 8.2.1 |
| Type | Bug |
| TypeOfFailure | OtherFailure |
| Priority | normal |
| Resolution | Unresolved |
| Component | GHCi |
| Test case | |
| Differential revisions | |
| BlockedBy | |
| Related | |
| Blocking | |
| CC | |
| Operating system | |
| Architecture | |
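A pre-flight check for the situation described in this ticket, added here as an example and not part of the original report or of GHC: before starting ghci, or an editor that spawns it, in an untrusted checkout, list every `.ghci` file in the tree and print its non-blank lines for review. The function names `list_dot_ghci`, `show_active_lines` and `check_tree` are hypothetical.

```shell
#!/bin/sh
# Added example: audit an untrusted source tree for .ghci files before any
# tool runs ghci inside it. Every line of a .ghci file is executed by GHCi at
# startup, so the whole file is shown for review rather than a pattern match.

# Print the path of each .ghci file below directory $1 (default: .), sorted.
list_dot_ghci() {
    find "${1:-.}" -type f -name .ghci 2>/dev/null | sort
}

# Print the non-blank lines of the .ghci file $1 as path:lineno: text.
show_active_lines() {
    awk '
        /^[[:space:]]*$/ { next }                      # skip blank lines
        { printf "%s:%d: %s\n", FILENAME, FNR, $0 }    # everything else runs
    ' "$1"
}

# Return 0 when the tree holds no .ghci file; otherwise print the lines of
# each one and return 1 so callers (shell prompt hooks, CI) can refuse to go on.
check_tree() {
    found=$(list_dot_ghci "$1")
    if [ -z "$found" ]; then
        return 0
    fi
    printf '%s\n' "$found" | while IFS= read -r f; do
        show_active_lines "$f"
    done
    return 1
}

# Stand-alone use: sh check_ghci.sh /path/to/checkout
if [ "$#" -gt 0 ]; then
    check_tree "$1"
fi
```

The scan covers subdirectories as well as the top level because editor and IDE integrations may start ghci from a directory other than the repository root.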