[GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
           Reporter:  maoe           |             Owner:  (none)
               Type:  feature        |            Status:  new
  request                            |
           Priority:  normal         |         Milestone:
          Component:  Runtime        |           Version:  8.4.3
  System                             |
           Keywords:                 |  Operating System:  Unknown/Multiple
       Architecture:                 |   Type of failure:  Other
  Unknown/Multiple                   |
          Test Case:                 |        Blocked By:
           Blocking:                 |   Related Tickets:
Differential Rev(s):                 |         Wiki Page:
-------------------------------------+-------------------------------------
 The eventlog framework currently writes all environment variables to the
 eventlog file. This may cause a security issue as some external tools
 expect user to set credentials in environment variables. It's possible for
 the user to publish an eventlog which contains credentials without knowing
 it.

 In general it's not a good idea to set credentials in environment
 variables but I think GHC should stop writing environment variables to the
 eventlog implicitly and this feature should be opt-in.

 I'm not sure if this feature is widely used or if we can just drop it. If
 it's used to some extend maybe we can provide a function that does this
 job in a library.

--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler

_______________________________________________
ghc-tickets mailing list
[hidden email]
http://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-tickets

Re: [GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
        Reporter:  maoe              |                Owner:  (none)
            Type:  feature request   |               Status:  new
        Priority:  normal            |            Milestone:
       Component:  Runtime System    |              Version:  8.4.3
      Resolution:                    |             Keywords:
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Other             |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):
       Wiki Page:                    |
-------------------------------------+-------------------------------------
Description changed by maoe:

Old description:

> The eventlog framework currently writes all environment variables to the
> eventlog file. This may cause a security issue as some external tools
> expect user to set credentials in environment variables. It's possible
> for the user to publish an eventlog which contains credentials without
> knowing it.
>
> In general it's not a good idea to set credentials in environment
> variables but I think GHC should stop writing environment variables to
> the eventlog implicitly and this feature should be opt-in.
>
> I'm not sure if this feature is widely used or if we can just drop it. If
> it's used to some extend maybe we can provide a function that does this
> job in a library.

New description:

 The eventlog framework currently writes all environment variables to the
 eventlog file. This may cause a security issue as some external tools
 expect user to set credentials in environment variables. It's possible for
 the user to publish an eventlog which contains credentials without knowing
 it.

 In general it's not a good idea to set credentials in environment
 variables but I think GHC should stop writing environment variables to the
 eventlog implicitly and this feature should be opt-in.

 I'm not sure if this feature is widely used or if we can just drop it. If
 it's used to some extent maybe we can provide a function that does this
 job in a library.

--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371#comment:1>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler


Re: [GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
        Reporter:  maoe              |                Owner:  (none)
            Type:  feature request   |               Status:  new
        Priority:  normal            |            Milestone:
       Component:  Runtime System    |              Version:  8.4.3
      Resolution:                    |             Keywords:
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Other             |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):
       Wiki Page:                    |
-------------------------------------+-------------------------------------

Comment (by bgamari):

 I am quite sympathetic to this concern; it seems like this could very
 easily turn into a security issue.

--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371#comment:2>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler


Re: [GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
        Reporter:  maoe              |                Owner:  (none)
            Type:  feature request   |               Status:  new
        Priority:  normal            |            Milestone:
       Component:  Runtime System    |              Version:  8.4.3
      Resolution:                    |             Keywords:
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Other             |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):
       Wiki Page:                    |
-------------------------------------+-------------------------------------

Comment (by maoe):

 Fixed this in https://github.com/ghc/ghc/pull/169.

--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371#comment:3>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler


Re: [GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
        Reporter:  maoe              |                Owner:  (none)
            Type:  feature request   |               Status:  new
        Priority:  normal            |            Milestone:
       Component:  Runtime System    |              Version:  8.4.3
      Resolution:                    |             Keywords:
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Other             |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):
       Wiki Page:                    |
-------------------------------------+-------------------------------------

Comment (by maoe):

 Uploaded the patch to https://phabricator.haskell.org/D5187.

--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371#comment:4>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler


Re: [GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
        Reporter:  maoe              |                Owner:  (none)
            Type:  feature request   |               Status:  new
        Priority:  normal            |            Milestone:
       Component:  Runtime System    |              Version:  8.4.3
      Resolution:                    |             Keywords:
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Other             |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):
       Wiki Page:                    |  https://phabricator.haskell.org/D5187
-------------------------------------+-------------------------------------
Changes (by maoe):

 * differential:   => https://phabricator.haskell.org/D5187


--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371#comment:5>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler


Re: [GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
        Reporter:  maoe              |                Owner:  (none)
            Type:  feature request   |               Status:  new
        Priority:  normal            |            Milestone:
       Component:  Runtime System    |              Version:  8.4.3
      Resolution:                    |             Keywords:
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Other             |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):  Phab:D5187
       Wiki Page:                    |
-------------------------------------+-------------------------------------
Changes (by osa1):

 * differential:  https://phabricator.haskell.org/D5187 => Phab:D5187


--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371#comment:6>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler


Re: [GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
        Reporter:  maoe              |                Owner:  (none)
            Type:  feature request   |               Status:  new
        Priority:  normal            |            Milestone:
       Component:  Runtime System    |              Version:  8.4.3
      Resolution:                    |             Keywords:
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Other             |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):  Phab:D5187
       Wiki Page:                    |
-------------------------------------+-------------------------------------

Comment (by Krzysztof Gogolewski <krz.gogolewski@…>):

 In [changeset:"68a747c702d2432cc90d2a79a6aba0e67ac3e2c0/ghc" 68a747c/ghc]:
 {{{
 #!CommitTicketReference repository="ghc"
 revision="68a747c702d2432cc90d2a79a6aba0e67ac3e2c0"
 rts: Stop tracing environment variables (fixes #15371)

 Summary:
 This tracing may cause a security issue as some external tools
 out there expects user to set credentials in environment variables.

 Reviewers: bgamari, erikd, simonmar, monoidal

 Reviewed By: monoidal

 Subscribers: tdammers, rwbarton, carter

 GHC Trac Issues: #15371

 Differential Revision: https://phabricator.haskell.org/D5187
 }}}

--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371#comment:7>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler


Re: [GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
        Reporter:  maoe              |                Owner:  (none)
            Type:  feature request   |               Status:  merge
        Priority:  normal            |            Milestone:
       Component:  Runtime System    |              Version:  8.4.3
      Resolution:                    |             Keywords:
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Other             |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):  Phab:D5187
       Wiki Page:                    |
-------------------------------------+-------------------------------------
Changes (by monoidal):

 * status:  new => merge


--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371#comment:8>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler


Re: [GHC] #15371: Eventlog framework outputs environment variables which may cause a security issue

GHC - devs mailing list
#15371: Eventlog framework outputs environment variables which may cause a security
issue
-------------------------------------+-------------------------------------
        Reporter:  maoe              |                Owner:  (none)
            Type:  feature request   |               Status:  closed
        Priority:  normal            |            Milestone:  8.8.1
       Component:  Runtime System    |              Version:  8.4.3
      Resolution:  fixed             |             Keywords:
Operating System:  Unknown/Multiple  |         Architecture:
                                     |  Unknown/Multiple
 Type of failure:  Other             |            Test Case:
      Blocked By:                    |             Blocking:
 Related Tickets:                    |  Differential Rev(s):  Phab:D5187
       Wiki Page:                    |
-------------------------------------+-------------------------------------
Changes (by bgamari):

 * status:  merge => closed
 * resolution:   => fixed
 * milestone:   => 8.8.1


Comment:

 I'm going to punt this to 8.8 since doing otherwise would imply a
 functional change in a minor release.

--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/15371#comment:9>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
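
A pre-publication check for eventlogs written by a runtime that still traces the environment, as an added example that is not part of this thread or of GHC. It assumes the entries sit in the file as plain `NAME=value` byte strings; the name patterns and the sample bytes are constructed for illustration.

```python
import re

# Assumption: environment entries are stored in the eventlog as plain
# "NAME=value" byte strings, so a strings-style scan can locate them.
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")
ENV_ENTRY = re.compile(rb"([A-Za-z_][A-Za-z0-9_]*)=(.+)")
# Heuristic name fragments that usually mark a credential (not exhaustive).
SENSITIVE = re.compile(
    r"SECRET|TOKEN|PASSW|API_?KEY|ACCESS_?KEY|CREDENTIAL|PRIVATE", re.I)

def find_env_entries(data: bytes):
    """Return (offset, name, value) for each NAME=value inside a printable run."""
    hits = []
    for run in PRINTABLE_RUN.finditer(data):
        m = ENV_ENTRY.search(run.group())
        if m:
            offset = run.start() + m.start(1)
            hits.append((offset, m.group(1).decode(), m.group(2).decode()))
    return hits

def audit(data: bytes):
    """Sort entries into credential-like and other; values are never returned."""
    report = {"sensitive": [], "other": []}
    for offset, name, value in find_env_entries(data):
        bucket = "sensitive" if SENSITIVE.search(name) else "other"
        report[bucket].append(
            {"offset": offset, "name": name, "value_len": len(value)})
    return report

def audit_file(path: str):
    with open(path, "rb") as fh:
        return audit(fh.read())

# Constructed sample: binary framing bytes around NUL-separated entries.
SAMPLE = (b"\x00\x00\x00\x12\x00\x00\x00\x01"
          b"PATH=/usr/bin:/bin\x00"
          b"AWS_SECRET_ACCESS_KEY=EXAMPLEEXAMPLEEXAMPLE\x00"
          b"HOME=/home/dev\x00"
          b"GITHUB_TOKEN=constructed-not-a-real-token\x00\xff\xff")

if __name__ == "__main__":
    import sys
    result = audit_file(sys.argv[1]) if len(sys.argv) > 1 else audit(SAMPLE)
    for entry in result["sensitive"]:
        print(f"credential-like variable {entry['name']} at byte "
              f"{entry['offset']} ({entry['value_len']} value bytes)")
    print(f"{len(result['other'])} other environment entries also present")
    # Non-zero exit lets a release script refuse to upload the file.
    sys.exit(1 if result["sensitive"] else 0)
```

The report carries names, offsets and value lengths only, so its output can be pasted into a ticket without repeating the leak.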
