New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cmd/compile: document -trimpath #8999
Comments
The -s option does work, in the sense that it removes the debug info read by gdb. Stripping the file name information means that stack traces and functions like runtime.Caller do not work, meaning that basic packages like log do not work. Doing that amounts to a way to silently break Go programs. See issue #6245. What is the actual problem you are trying to solve? The pack program used to have an option to remove prefixes from file names, but we may have lost that feature when we added the -pack option to gc and rewrote the pack program in Go. Would restoring that feature fix your problem? Labels changed: added repo-main, release-none. |
Quoting the original poster's comments from the original thread: > I ship my binary to users and I use the -s option to strip out information like the full path of my build environment, the home directory, unix username etc. I'm still using go 1.1 specifically for this reason. I feel being able to strip this information is important to anyone who is distributing their binaries to other people. https://groups.google.com/d/msg/golang-nuts/d-t_CfWFxhQ/F83J-Oyde-AJ >> A workaround is just to build in a VM with generic username and home directory. > It's not just the username and home directory. The path for different packages are also inserted which may leak some of the project names and internal package names. https://groups.google.com/d/msg/golang-nuts/d-t_CfWFxhQ/esLu0TIndYMJ |
If the actual problem is defined as "leaking project names and internal package names" then I'm not particularly sympathetic. If it were harmless, sure, but it is not. I'm certainly open to compromise solutions that do not break runtime.Caller, which is why I mentioned the old pack option. |
In Go 1.2 the P option to pack was documented as [P prefix] The new option 'P' causes pack to remove the given prefix from file names in the line number information in object files that are already stored in or added to the archive. Labels changed: added release-go1.5, removed release-none. |
How is this pack tool supposed to work? I was trying it in go v1.2.2 but couldn't figure out how it works. $ go version go version go1.2.2 linux/amd64 $ go tool pack -P $GOPATH pkg/linux_amd64/foo.a pack: bad option `-' > with regards to "leaking project/package names", a "solution" could be probably an external "source code mangler" Thanks for the suggestion. I'll check if any such tools exist. |
There is a -trimpath option to cmd/compile already. You just need to use it ( There is no option in the linker: it's too late by then. |
CL https://golang.org/cl/16918 mentions this issue. |
by chetan.hs:
The text was updated successfully, but these errors were encountered: