coq-club AT inria.fr

Subject: The Coq mailing list

List archive

Re: [Coq-Club] Safe to download and compile .v from evil source ?

From: Jay Kruer <kruerj AT reed.edu>
To: coq-club AT inria.fr
Subject: Re: [Coq-Club] Safe to download and compile .v from evil source ?
Date: Sat, 1 Feb 2020 14:38:44 -0800
Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=kruerj AT reed.edu; spf=Pass smtp.mailfrom=kruerj AT reed.edu; spf=None smtp.helo=postmaster AT mail-pg1-f193.google.com
Ironport-phdr: 9a23:DuNqJxfp7+ZpqiMliAdIMmpilGMj4u6mDksu8pMizoh2WeGdxcuyZR7h7PlgxGXEQZ/co6odzbaP7+a8AydZv83J8ChbNsAVDFld0YRetjdjKfbNMVf8Iv/uYn5yN+V5f3ghwUuGN1NIEt31fVzYry76xzcTHhLiKVg9fbytScbdgMutyu+95YDYbRlWizqhe7NyKwi9oRnMusUMjoZuN6k8xgHGr3dWdOha2GJlKFyOlBr4+su84YRv/itNt/8v7cJMTbn2c6ElRrFEEToqNHw46tf2vhfZVwuP4XUcUmQSkhVWBgXO8Q/3UJTsvCbkr+RxwCaVM9H4QrAyQjSi8rxkSAT0hycdNj4263/Yh8pth69Guh2hphh/w4nJYIGJMfd1Y63Qcc8GSWdHQ81cUTFKDIGhYIsVF+cPPfpXoIbgqVUAoxuwGwujCuDoxDJTnHD6wag63v4hEQ3awgAtGc8FvnTOrNXyMacfSeS7w7PIzD7eav1Wwyr955bSchs8pvyMXqhwcdfPxkk1FQPIlU+QppL7MDyIzOgCrXWU7/d5WO+plmUppQZxoj21ycctjInEno0VylHY9SV53YY6Pse0R1J8Yd6hFpZbqiKUN5NuT888X21lvDw2x74GtJKhYiQG1ZQqywTCZ/GDfYWE+g/vWeieLDtimX5pZKizihS9/ES61+HxVca53VBXpSRfiNbMrGoC1xnL58iHVPR9+kCh1C6K1w/J6+FEJVk4lbLUK5I827IwmIcfvEDNEyPsl0X2i6iWdkog+ue28ejofrLmppqEO491jAHxLLgul9ShDegkNgUCRWuW9OSm2LH94EH0QK9GguAyn6TXqJzaIN4Upq+9Aw9byIYj7BO/Ai+l0NQCgHkIMkhFeBCcgojzJV7BPu33Ae2hjFuxjTdn3+rGMaH5ApXRMnjDl6/scqp6605F0QY80dRf549PBbwaO/LyWkrxtMTCARMjMgy0xfznCNRn2Y8EV2KPGPzRDKSHuliRo+krPuOkZYkPuT+7JeJ2yeTpiCobkE5VXrO00IFfPHOiA/l8IW2DbHfgxNoNDDFZ7UIFUOX2hQjaAnZobHGoUvdkv21pOMedFY7GA7uVrvmZxi7iRs9Ma21KTF2ADCWwLtjWa7I3cCuXZ/RZvHkEWLymEdFz0BivsErixOMiILOFoWsXspXs0NUz7OrWx0lrpG5ESv+F2mTIdFla22YBRjs4xqd6+BQv0FqO3e51j+EKTNE=

Compiling a .v file can run arbitrary OCaml plugin code which can do anything the coqc process has permissions to do.

Unsure if anyone has exploited it, but this might also be interesting to you: https://github.com/coq/coq/issues/11170

On Feb 1, 2020, at 2:32 PM, Timothy Carstens <intoverflow AT gmail.com> wrote:

Suppose a super-intelligent malevolent AI hands me a collection of .v files and asks me to compile them.

Is there *any* mechanism built into coqc which could be used by this evil oracle to hack my computer? Examples: ability to run shell commands, ability to write to disk, ability to detect whether or not a file at an arbitrary path exists or is readable, etc.

I *assume* the answer is "no, coqc is safe to run on untrusted .v from Internet," but I've been burned by that before (other languages) so I thought I'd better ask.

If the answer is "no," has that been the case for a nice long time, or is it only recently "no?" (Trying to gauge likelihood of bugs)

Sorry if this question is answered elsewhere; I searched but wasn't sure how to phrase the query

-t

[Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/01/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Jay Kruer, 02/01/2020
  - Re: [Coq-Club] Safe to download and compile .v from evil source ?, Andres Erbsen, 02/01/2020
    - Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/01/2020
    - Re: [Coq-Club] Safe to download and compile .v from evil source ?, Tej Chajed, 02/01/2020
      - Re: [Coq-Club] Safe to download and compile .v from evil source ?, jonikelee AT gmail.com, 02/02/2020
      - Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/02/2020
      - Re: [Coq-Club] Safe to download and compile .v from evil source ?, Clément Pit-Claudel, 02/02/2020
        
        Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/02/2020
        
        Re: [Coq-Club] Safe to download and compile .v from evil source ?, jonikelee AT gmail.com, 02/02/2020
        
        Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/02/2020
        Re: [Coq-Club] Safe to download and compile .v from evil source ?, Marco Servetto, 02/02/2020