os: package variables can be subverted #7885

Closed
gopherbot opened this Issue Apr 28, 2014 · 6 comments

gopherbot commented Apr 28, 2014

by glyn.normington:

It is possible to subvert the behaviour of system packages by overwriting their
variables. For instance, it is possible to set the value of os.ErrPermission. This
should not be allowed as it may cause security exposures and break existing contracts.

See this for an example: http://play.golang.org/p/PQPr9jcLqU

cznic commented Apr 28, 2014

Comment 1:

Is there a specific language change proposal available? If so -> ML.

gopherbot commented Apr 28, 2014

Comment 2 by glyn.normington:

No language change is proposed. Removing all variables from system packages would be a
sufficient, albeit disruptive, fix.
(Broadening the meaning of const may be a possible solution too, but I'll leave that to
the experts to decide.)

ianlancetaylor commented Apr 28, 2014

Comment 3:

This is not a security issue in the usual sense.  It permits your source code to do bad
things--but your source code can already import unsafe.

Labels changed: added repo-main, release-none.

Status changed to Thinking.

gopherbot commented Apr 29, 2014

Comment 4 by glyn.normington:

Agreed it's not a conventional security issue.
BTW an alternative error idiom which avoids this issue is described here (although ignore
the use of stack traces which wouldn't necessarily be applicable to system libraries):
http://underlap.blogspot.co.uk/2014/04/better-golang-error-idiom.html
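
The reassignment reported at the top of this issue, next to a sentinel that cannot be reassigned, as an added example that is not part of the original thread or of the Go project's code. `constError`, `ErrDenied`, `denied` and the two check functions are hypothetical names, and the constant-error type shown is an assumption, not necessarily the idiom in the post linked above.

```go
package main

import (
	"errors"
	"fmt"
	"os"
)

// constError (hypothetical name) is a string-based error type. Because its
// underlying type is string, values of it can be declared const.
type constError string

func (e constError) Error() string { return string(e) }

// ErrDenied is a constant sentinel: writing `ErrDenied = ...` anywhere,
// in this package or an importing one, is a compile error.
const ErrDenied = constError("access denied")

// denied stands in for library code that returns the os package sentinel.
func denied() error { return os.ErrPermission }

// matchesAfterOverwrite reports whether an error returned before
// os.ErrPermission was reassigned still compares equal to it afterwards.
func matchesAfterOverwrite() bool {
	orig := os.ErrPermission
	defer func() { os.ErrPermission = orig }() // restore the package variable

	err := denied()
	// Any package that imports os can do this; the variable is exported.
	os.ErrPermission = errors.New("permission denied")
	return err == os.ErrPermission
}

// constMatches performs the same comparison against the constant sentinel,
// which no other code can have changed.
func constMatches() bool {
	var err error = ErrDenied
	return err == ErrDenied
}

func main() {
	fmt.Println("var sentinel still matches after overwrite:", matchesAfterOverwrite())
	fmt.Println("const sentinel matches:", constMatches())
}
```

Callers that compare against `os.ErrPermission` after the reassignment silently stop recognising errors created before it, even though the replacement has the same message text.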

rsc added this to the Unplanned milestone Apr 10, 2015

rsc removed release-none labels Apr 10, 2015

ysmolsky commented Nov 6, 2018

@ianlancetaylor do you think we can close it? I do not see any value here.

ysmolsky added WaitingForInfo and removed Thinking labels Nov 6, 2018

ianlancetaylor commented Nov 6, 2018

I agree: there is no proposal here. The specific problem mentioned could be addressed by, say, #6836. Closing this one.

Thanks for looking at these old issues.
