This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [patch#2 4/6] set auto-load safe-path
- From: Jan Kratochvil <jan dot kratochvil at redhat dot com>
- To: Eli Zaretskii <eliz at gnu dot org>
- Cc: gdb-patches at sourceware dot org
- Date: Tue, 3 Apr 2012 20:33:20 +0200
- Subject: Re: [patch#2 4/6] set auto-load safe-path
- References: <20120329091404.GE25449@host2.jankratochvil.net> <83fwcq1qfr.fsf@gnu.org>
On Fri, 30 Mar 2012 09:46:48 +0200, Eli Zaretskii wrote:
> OK, but perhaps say that a semi-colon is to be used on MS-Windows and
> MS-DOS systems.
Added (the details are already in texinfo, aren't they):
set auto-load safe-path <dir1>[:<dir2>...]
show auto-load safe-path
Set a list of directories from which it is safe to auto-load files.
The delimiter (':' above) may differ according to the host platform.
> > +@item show auto-load safe-path
> > +Show the list of directories (and their subdirectories) trusted for automatic
> > +loading and execution of scripts.
>
> Does the command really show the subdirectories? If not, I think you
> meant to say that having a directory in the list makes all of its
> subdirectories safe as well; if so, you should say this where you
> describe the "set" command.
True, removed "(and their subdirectories)" copy-paste mistake for "show".
> > +See also deprecated @ref{Current Directory Init File during Startup}.
>
> Again, HTML-style references don't work well. Use @pxref instead, as
> I showed in my other message.
Used:
Users can add their source directories in init files in
their home directories (@pxref{Home Directory Init File}). See also deprecated
init file in the current directory
(@pxref{Init File in the Current Directory during Startup}).
Also used @samp for:
@item @samp{~/.gdbinit}: @samp{set auto-load no}
> > +Be aware even downloaded source packages may contain exploit code which may get
> > +executed by @value{GDBN} without explicitly running any program therein.
>
> I'm not sure this text belongs to the GDB manual. General-purpose
> security considerations are not the subject of this manual.
OK, removed.
> > +This setting should contain so called canonical filenames, after any symbolic
> > +links, current and parent directories have been resolved.
>
> That's a nuisance for users, isn't it? Suppose the sysadmin
> reconfigures the system so that my home directory is moved to another
> filesystem -- all my safe directories will stop working at that very
> instant, right? Where's the principle of the least astonishment?
I agree, I was scared of some security hole due to it but I cannot see any.
Adjusted the code but it does not have much effect, GDB uses realpath everywhere.
I understand it is more convenient for use to see
/usr/lib/debug/usr/bin/gencat.debug
than to see
/usr/lib/debug/.build-id/00/23afd72ceb9ca801978b36da0cdb172d74d185.debug
Anyway the doc text is now:
This setting applies to the pathnames as entered by user. If no entry matches
@value{GDBN} tries as a last resort to also resolve all the pathnames into
their canonical form (typically resolving symbolic links) and compare the
entries again. @value{GDBN} already canonicalizes most of the filenames on its
own before starting the comparison so a canonical form of directories is
recommended to be entered.
Thanks,
Jan