From: Rob Browning
To: 18477@debbugs.gnu.org
Cc: 758971@bugs.debian.org, 758971-forwarded@bugs.debian.org, Rand Peters
Subject: bug#18477: Bug#758971: byte-compiled files have wrong permissions
Date: Sun, 14 Sep 2014 16:33:47 -0500
Message-ID: <87k355yjic.fsf@trouble.defaultvalue.org>
In-Reply-To: <8208031408792652@web8g.yandex.ru>

[If possible, please preserve the -forwarded address in any replies.]

I suspect this should be fixed, if it hasn't been already.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758971

Thanks

Rand Peters writes:

> Package: guile-2.0
> Version: 2.0.11+1-1
> Tags: security
>
> Guile automatically byte-compiles programs when they are run, and
> places the byte-compiled file in a subdirectory of
> $HOME/.cache/guile/.
>
> However, the permissions of the byte-compiled file are derived from
> umask rather than the permissions of the source file. This means that
> sensitive data (e.g. a hard-coded password) contained in a source file
> with restrictive permissions will be copied into a byte-compiled file
> that may be world-readable.
>
> Guile should ensure that the permissions of byte-compiled files match
> those of the source.
>
> Example:
>
> $ touch myscript
>
> $ chmod 700 myscript   # source file readable only to owner
>
> $ cat >> myscript <<'EOF'
> #!/usr/bin/guile \
> -e main -s
> !#
>
> (define secret-password "DEADBEEFDEADBEEF")
>
> (define (main args)
>   (display "this program contains an embedded secret")
>   (newline))
> EOF
>
> $ ./myscript
> ;;; note: auto-compilation is enabled, set GUILE_AUTO_COMPILE=0
> ;;;       or pass the --no-auto-compile argument to disable.
> ;;; compiling /home/rwp/./myscript
> ;;; compiled /home/rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
> this program contains an embedded secret
>
> $ ls -l ~rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
> -rw-r--r-- 1 rwp rwp 456 Jul  1 12:00 /home/[...]/myscript.go
>
> # ^^ Note that the byte-compiled file is world-readable
>
> $ strings ~rwp/.cache/guile/ccache/2.0-LE-4-2.0/home/rwp/myscript.go
> [...]
> DEADBEEFDEADBEEF
> secret-password
> [...]
-- 
Rob Browning rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4


From: Mark H Weaver
To: control@debbugs.gnu.org
Date: Wed, 01 Oct 2014 19:24:39 -0400
Message-ID: <8761g3bcg8.fsf@netris.org>

severity 10492 minor
severity 10940 minor
severity 17941 minor
severity 18477 important
severity 18520 wishlist
thanks

From: Matt Wette
To: 18477@debbugs.gnu.org
Subject: bug#18477: byte-compiled files have wrong permissions
Date: Tue, 09 Feb 2016 17:39:14 -0800
Message-id: <450F0463-33DE-4995-8AB0-28F6A044E5B7@verizon.net>
In-Reply-To: <87k355yjic.fsf@trouble.defaultvalue.org>

Comment: Does a fix of this bug imply that permissions on each directory in the
trail to compiled files should reflect the permissions on the trail to
the source file?


From: help-debbugs@gnu.org (GNU bug Tracking System)
To: Rob Browning
Subject: bug#18477: closed (Re: bug#18477: Bug#758971: byte-compiled files have wrong permissions)
Reply-To: 18477@debbugs.gnu.org
Date: Tue, 21 Jun 2016 16:07:03 +0000

Your bug report

#18477: Bug#758971: byte-compiled files have wrong permissions

which was filed against the guile package, has been closed.

The explanation is attached below, along with your original report.

If you require more details, please reply to 18477@debbugs.gnu.org.

-- 
18477: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=18477
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems

From: Andy Wingo
To: Rob Browning
Cc: 18477-done@debbugs.gnu.org, 758971@bugs.debian.org, 758971-forwarded@bugs.debian.org, Rand Peters
Subject: Re: bug#18477: Bug#758971: byte-compiled files have wrong permissions
Date: Tue, 21 Jun 2016 18:06:00 +0200
Message-ID: <87k2hiwmqf.fsf@pobox.com>
In-Reply-To: <87k355yjic.fsf@trouble.defaultvalue.org> (Rob Browning's message of "Sun, 14 Sep 2014 16:33:47 -0500")

Fixed in 2.0 and the 2.2 prerelease.

Thanks!

Andy

On Sun 14 Sep 2014 23:33, Rob Browning writes:

> [If possible, please preserve the -forwarded address in any replies.]
>
> I suspect this should be fixed, if it hasn't been already.
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758971
>
> Thanks
>
> Rand Peters writes:
>
>> [...]
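The defect in Rand Peters's report is that a derived file's mode came from the process umask instead of from the source, and Matt Wette's follow-up asks whether the directory trail needs the same treatment. The following is an added example, not Guile's own code or the fix Andy Wingo shipped: it shows the mode-preserving write pattern (create owner-only, then fchmod to the source's exact bits, with the cache directory created 0700) and an audit that walks a cache tree laid out like Guile's ccache (cache root plus source path plus ".go") and reports every derived file that grants permission bits its source does not. Function names, the temp-directory scenario in demo(), and the "leaky.go" / "myscript" names are this example's own constructions.

```python
"""Added example (not Guile's code): umask-independent derived files and
a permission-leak audit for a compile cache. All names are assumptions."""
import os
import shutil
import stat
import tempfile

PERM_MASK = 0o777  # permission bits only; ignore file type, setuid, sticky


def source_mode(path):
    """Permission bits (rwx for owner/group/other) of the source file."""
    return stat.S_IMODE(os.stat(path).st_mode)


def write_derived(src, dst, data):
    """Write bytes `data` to `dst` with exactly the permission bits of `src`.

    os.open() has the umask applied to its mode argument, so the file is
    created owner-only (0600) and then fchmod'ed, which ignores umask, to
    the source's bits before any data is written. The leaf cache directory
    is created 0700 (assumption: per-user cache), so the directory trail
    never widens access to the derived file either.
    """
    mode = source_mode(src)
    os.makedirs(os.path.dirname(dst) or ".", mode=0o700, exist_ok=True)
    fd = os.open(dst, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    try:
        os.fchmod(fd, mode)  # now matches the source, regardless of umask
        os.write(fd, data)
    finally:
        os.close(fd)
    return stat.S_IMODE(os.stat(dst).st_mode)


def extra_permissions(src, derived):
    """Permission bits set on `derived` but not on `src`.

    Non-zero means someone who cannot read the source can read (or write)
    the derived copy, which is the leak described in the bug report.
    """
    derived_mode = stat.S_IMODE(os.stat(derived).st_mode)
    return derived_mode & ~source_mode(src) & PERM_MASK


def audit_cache(cache_root, src_root):
    """Find derived files wider than their source.

    Layout assumed: <cache_root>/<path relative to src_root>.go, mirroring
    the ccache path shown in the report. Returns [(derived_path, extra_bits)].
    """
    leaks = []
    for dirpath, _dirs, files in os.walk(cache_root):
        for name in files:
            if not name.endswith(".go"):
                continue
            derived = os.path.join(dirpath, name)
            rel = os.path.relpath(derived, cache_root)[:-len(".go")]
            src = os.path.join(src_root, rel)
            if os.path.exists(src):
                extra = extra_permissions(src, derived)
                if extra:
                    leaks.append((derived, extra))
    return leaks


def demo():
    """Constructed scenario: two owner-only (0700) sources, one compiled
    the umask-dependent way (the bug) and one with write_derived()."""
    old_umask = os.umask(0o022)  # typical umask: plain open() yields 0644
    tmp = tempfile.mkdtemp()
    try:
        src_root = os.path.join(tmp, "src")
        cache_root = os.path.join(tmp, "cache")
        os.makedirs(src_root)
        os.makedirs(cache_root)
        for name in ("myscript", "leaky"):
            src = os.path.join(src_root, name)
            with open(src, "w") as f:
                f.write('(define secret-password "DEADBEEFDEADBEEF")\n')
            os.chmod(src, 0o700)

        # Buggy pattern: the derived file's mode comes from the umask.
        with open(os.path.join(cache_root, "leaky.go"), "w") as f:
            f.write("compiled bytecode with the secret inside")

        # Mode-preserving pattern: derived file inherits the source's bits.
        fixed_mode = write_derived(os.path.join(src_root, "myscript"),
                                   os.path.join(cache_root, "myscript.go"),
                                   b"compiled bytecode with the secret inside")

        leaks = audit_cache(cache_root, src_root)
        return {"fixed_mode": fixed_mode,
                "leaks": [(os.path.basename(p), bits) for p, bits in leaks]}
    finally:
        os.umask(old_umask)
        shutil.rmtree(tmp)


if __name__ == "__main__":
    print(demo())  # fixed file is 0700; leaky.go grants 0o044 beyond its source
```

The audit only flags bits the source lacks, so a cache written by the corrected pattern produces an empty list even when the source itself is group- or world-readable; it is the gap between source and derived file, not the absolute mode, that signals a leak.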