My linux user name is included in the executable. Where did it come from?

While examining the executable that was built with a release profile out of curiosity, I found that the executable included my Linux user name.

I was a bit surprised, and I tried to find out why it was included by reducing the dependencies of the project one by one. And now I'm thinking that it came from the indexmap crate or one of its dependencies, but I'm not sure.

Does anyone know anything about this?

Here is a Bash script to reproduce.

cargo new example
cd example

cargo add indexmap

cat <<_EOF_ >>Cargo.toml

codegen-units = 1
lto = true
panic = "abort"
strip = "symbols"

cat <<_EOF_ >src/
fn main() {
    println!("{:?}", indexmap::indexmap! { "a" => 1 });

cargo build --release
strings target/release/example | grep "$USER"

The output looked like this:

/home/MY_USER_NAME/.cargo/registry/src/ overflowlibrary/alloc/src/ffi/

Here is the dependency tree:

example v0.1.0
└── indexmap v1.9.3
    └── hashbrown v0.12.3
    └── autocfg v1.1.0

My general advice is to use a dedicated account divorced from your personal information (or an even stronger sandbox) for development of Rust (or any other language where the norm is to pull dependencies in from the internet automatically). You're basically giving all your deps permission to run arbitrary programs as you already.

That said, you may be looking for the remap-path-prefix parameter until RFC 3127 support stabilizes. There's a few other issues about path sanitation in the Rust and Cargo repos which you can search for.


Thanks. I have used Docker, but never for development purposes.

When developing in a container, is it common to install only the necessary components such as cargo in the container? (In this case, the container is used only for the purpose of building the project.)

Or do you also install editing tools such as Vim or language servers in the container? (In this case, the container is also used for editing code.)

I personally do the latter (a single environment for editing and building) when developing but couldn't say what's more common.


I also install development tools in my dev container – I basically use it as a complete, separate, reproducible machine. It would be annoying to have to re-install editors and compilers every time I restart it.


If you use VS Code you could also use the dev container extension. It spins up a dedicated docker container when you open the project.


Thanks guys :+1:

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.