Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

You can see the source code of the compiled file. #29420

Closed
Magicskys opened this issue Dec 26, 2018 · 7 comments
Closed

You can see the source code of the compiled file. #29420

Magicskys opened this issue Dec 26, 2018 · 7 comments
Labels
FrozenDueToAge WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided.

Comments

@Magicskys
Copy link

Magicskys commented Dec 26, 2018

What version of Go are you using (go version)?

$ go version
go 1.11

Does this issue reproduce with the latest release?

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GOHOSTARCH="amd64"
GOOS="darwin"

What did you do?

Use the tail tool to print files
tail file

What did you expect to see?

How can I not expose the source code?

What did you see instead?

When I used tail to print binary files, I exposed the source code.
OS : UNIX/LINUX/MAC OS
use : tail file

@agnivade
Copy link
Contributor

Use the tail tool to print files

Which files ? How do we get such a file ? Please give us specific instructions.

@agnivade agnivade added the WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided. label Dec 26, 2018
@Magicskys
Copy link
Author

@agnivade

Which files ? How do we get such a file ? Please give us specific instructions.

This is a file of mys. After the tail, I can see the package I imported or some other things.
I am not sure if this is normal, or is there any way to prevent others from seeing this?

If you need this file I can provide you with a temporary file download address. I also found this kind of situation in other documents, maybe you can also test it.

image

@ALTree
Copy link
Member

ALTree commented Dec 26, 2018

This is related to #19226 (and a few others), and it is expected.

Stripping package paths would break runtime.Caller and reflect.Type.PkgPath. I don't think there is any reasonable way that we can do it.

In theory you could use the -trimpath flags and the -w -s linker flags to somewhat reduce the amount of meta-information included in the binaries (see #19226 (comment)), but AFAIK the use of -trimpath is discouraged.

@agnivade
Copy link
Contributor

Yes, so in #19226, the user is using strings on the binary. But the OP is using tail. It is quite impossible to see plain text using just tail on a binary. Hence I was a bit baffled.

@ALTree
Copy link
Member

ALTree commented Dec 26, 2018

It is quite impossible to see plain text using just tail on a binary.

I don't think this is completely true; I see a fair amount of plain-text when I tail C binaries on my system.

@agnivade
Copy link
Contributor

Ah you are right ! That is because this is at the end of the file (which I failed to realize contains plain-text data).

It seems like this is expected as mentioned in #19226. So I am closing this one. Thanks for the clarification @ALTree.

@Magicskys
Copy link
Author

Thank you very much for your help, thank you. @agnivade @ALTree

@golang golang locked and limited conversation to collaborators Dec 27, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
FrozenDueToAge WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided.
Projects
None yet
Development

No branches or pull requests

4 participants