coq-club AT inria.fr
Subject: The Coq mailing list
List archive
- From: "jonikelee AT gmail.com" <jonikelee AT gmail.com>
- To: Tej Chajed <tchajed AT mit.edu>
- Cc: coq-club AT inria.fr, Jay Kruer <kruerj AT reed.edu>
- Subject: Re: [Coq-Club] Safe to download and compile .v from evil source ?
- Date: Sat, 1 Feb 2020 18:10:23 -0500
- Authentication-results: mail3-smtp-sop.national.inria.fr; spf=None smtp.pra=jonikelee AT gmail.com; spf=Pass smtp.mailfrom=jonikelee AT gmail.com; spf=None smtp.helo=postmaster AT mail-qv1-f54.google.com
- Ironport-phdr: 9a23:LOU/pRTYwOERjEfEiXTMi/Baodpsv+yvbD5Q0YIujvd0So/mwa6zYBCN2/xhgRfzUJnB7Loc0qyK6vymBTdLucrJ8ChbNsAVDFld0YRetjdjKfbNMVf8Iv/uYn5yN+V5f3ghwUuGN1NIEt31fVzYry76xzcTHhLiKVg9fbytScbdgMutyu+95YDYbRlWizqhe7NyKwi9oRnMusUMjoZuN6k8xgHGr3ZGdOha2WxlLk+Xkxrg+8u85pFu/zletv4768JMTaD2dLkkQLJFCzgrL3o779DxuxnZSguP6HocUmEInRdNHgPI8hL0UIrvvyXjruZy1zWUMsPwTbAvRDSt9LxrRwPyiCcGLDE27mfagdFtga1BoRKhoxt/w5PIYIyQKfFzcL/Rcc8cSGFcRctaSTBPDZ2gYIsOF+oBPPhXr4/hp1sVsBCyARCgCP7zxjNUg3P727Ax3eY8HgHcxAEuEdIAvmrJotv2NqgSX+e7w6bUwjvMdP5WxTXw5ZLUfh07vf2AQ7R9etfRx0k1EAPFi02dpYLnPzOS0OQNsmub4PRkVe2xlWEqsA5xoj21ycctjonFnJ4aylfB9Sl33Y04It+4SEl9Yd6lE5tfqSWaOJVoTc45TGFovTw1yrwCuZKhYCcKz5EnygfZZveafYaI5RfjW/yQITd+nH9lY66/iAyu/kij1OL9WdW70FZQoSpDndnDqGoB2ADU6siCTPZ240Sv2S6X2gzN9u1JJVo4mKnbJpI73LI8i54evV7DEyL5gEn6kq6belk59uWt9ujqZqnpq5qTOoJ1lg3yLqEjltG8DOk6NwUBQnWU9Oay2bDm/0D0Qa9Fg/8zn6bDsJ3XJ8QWq6u6DgNIyIku6RCyBCq83tsCh3kINldFdQqHj4f3P1HOJ+j1DfKljFStlDdn3unGPqP8DpnUIHjOkLjscaxy605bzwozwtRf6IxOBr4dJ/LzX1f9tN3eDhAnLwy52/jrBMl5248EWm+CArWVPL3PvVKM/O4iI+aBaJcQuDnnKvgl4/DujWU+mV8YZaSp35wXaHa5HvRlPUqZZWTjjckaHGcFuwoxVu3qiFmYXTFPYHayWrow5isnB4K+EYfDWoetjaSd0ye8B51af3xJClSREXjzbIiEQPcNaCeKIsB7iDAEVL6hS5Ug1R60rgP6xaBnfaLo/XgkuJCr/9h85eDf3UUu/jx9DcmR+2SMUyd5kn5eFBEs26Uq6056zFaA3Kx1jtRXENVS47VCVQJwfcreyOp7CN32Vw/pcdKASVLgSdKjV2JiBuktysMDNh4uU+6piQrOim/zW+dMxu67Qacs+6eZ5EDfYsN0ynLIzq4k1gB0Tc5GNGngjal6pVGKWtz51n6BnqPvTpwymS7A8GDZkDiLtUBcFRduCODLACxZaUzRotD0oEjFSu32UOh1Ak560ceHb5ByRJjxl1wfHaXsPd3fZyS6nGLiXRs=
I am a Coq user and also have familiarity configuring and using
sandboxes. Coincidentally, I am about to set up a firejail sandbox
around Coq, and have previously been using virtual machines for this
purpose. If you'd like some help setting up a container for Coq, I'm
available to help.
-- Jonathan
On Sat, 1 Feb 2020 17:53:35 -0500
Tej Chajed
<tchajed AT mit.edu>
wrote:
> I think you should assume that it's *unsafe* unless you run it in a
> carefully-designed sandbox. At the very least one can easily write
> files which take huge amounts of time, memory, or disk space while
> compiling.
>
> For some idea of some of the issues, see this thread on a similar
> question for compiling C:
> https://security.stackexchange.com/questions/138881/is-it-dangerous-to-compile-arbitrary-c.
> In particular see Matt G's answer, since he runs a site that compiles
> arbitrary C. Essentially he runs the whole thing in a VM that doesn't
> have secrets, and then has extra mitigations to give nicer error
> messages when people try to exploit the compiler.
>
> On Sat, Feb 1, 2020 at 5:44 PM Andres Erbsen
> <andreser AT mit.edu>
> wrote:
>
> > Redirect and Extraction commands write to the disk by spec. I
> > reported it a while back and was told that I shouldn't expect coqc
> > on unknown code to be safe in any sense.
- [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/01/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Jay Kruer, 02/01/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Andres Erbsen, 02/01/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/01/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Tej Chajed, 02/01/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, jonikelee AT gmail.com, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Clément Pit-Claudel, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, jonikelee AT gmail.com, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Marco Servetto, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Jason Gross, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, jonikelee AT gmail.com, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, jonikelee AT gmail.com, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Timothy Carstens, 02/02/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Andres Erbsen, 02/01/2020
- Re: [Coq-Club] Safe to download and compile .v from evil source ?, Jay Kruer, 02/01/2020
Archive powered by MHonArc 2.6.18.