This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
[doc patch] auto-load: Make more set auto-load safe-path references [Re: [patch#3 5/8] set auto-load safe-path]
- From: Jan Kratochvil <jan dot kratochvil at redhat dot com>
- To: Joel Brobecker <brobecker at adacore dot com>
- Cc: gdb-patches at sourceware dot org, Eli Zaretskii <eliz at gnu dot org>
- Date: Wed, 9 May 2012 20:25:55 +0200
- Subject: [doc patch] auto-load: Make more set auto-load safe-path references [Re: [patch#3 5/8] set auto-load safe-path]
- References: <20120403185058.GE14189@host2.jankratochvil.net> <20120509042129.GA24867@adacore.com>
Hi Joel,
On Wed, 09 May 2012 06:21:29 +0200, Joel Brobecker wrote:
> In my opinion, we should definitely mention the "auto-load safe-path"
> setting at the very beginning of the auto-load section, before we start
> talking about the various kinds of files that can be automatically
> loaded. And I also think that it would be beneficial to add a reference
> to the safe-path setting in all "set auto-load ..." commands, to make
> sure that people who quickly search the documentation do not miss the
> important fact that setting "auto-load local-gdbinit" to "on" might not
> be sufficient.
attached.
> And lastly, it would have been nice if, after reading the documentation,
> the user could have had a sense of what policy GDB implements by default.
> For instance, GDB's default policy is to enable auto-loading of all
> files, but only from trusted directories specified via the "auto-load
> safe-path" setting.
There is already that paragraph (in Node: Auto-loading safe path):
Setting this variable to `/' disables this security protection,
corresponding GDB configuration option is
`--without-auto-load-safe-path'. This variable is supposed to be set
to the system directories writable by the system superuser only. Users
can add their source directories in init files in their home
directories (*note Home Directory Init File::). See also deprecated
init file in the current directory (*note Init File in the Current
Directory during Startup::).
Do you find it insufficient?
Thanks,
Jan
gdb/doc
2012-05-09 Jan Kratochvil <jan.kratochvil@redhat.com>
* gdb.texinfo (Auto-loading, Init File in the Current Directory)
(libthread_db.so.1 file, objfile-gdb.gdb file, objfile-gdb.py file)
(dotdebug_gdb_scripts section): Add reference
to 'Auto-loading safe path'.
--- a/gdb/doc/gdb.texinfo
+++ b/gdb/doc/gdb.texinfo
@@ -20973,6 +20973,10 @@ without being explicitly told so by the user. We call this feature
results or introduce security risks (e.g., if the file comes from untrusted
sources).
+Notice loading of these associated files (including the local @file{.gdbinit}
+file) requires accordingly configured @code{auto-load safe-path}
+(@pxref{Auto-loading safe path}).
+
For these reasons, @value{GDBN} includes commands and options to let you
control when to auto-load files and which files should be auto-loaded.
@@ -21110,6 +21114,9 @@ By default, @value{GDBN} reads and executes the canned sequences of commands
from init file (if any) in the current working directory,
see @ref{Init File in the Current Directory during Startup}.
+Notice loading of this local @file{.gdbinit} file also requires accordingly
+configured @code{auto-load safe-path} (@pxref{Auto-loading safe path}).
+
@table @code
@anchor{set auto-load local-gdbinit}
@kindex set auto-load local-gdbinit
@@ -21146,6 +21153,9 @@ libraries have to be trusted in general. In all other cases of
auto-load libthread-db} is enabled before trying to open such thread debugging
library.
+Notice loading of this debugging library also requires accordingly configured
+@code{auto-load safe-path} (@pxref{Auto-loading safe path}).
+
@table @code
@anchor{set auto-load libthread-db}
@kindex set auto-load libthread-db
@@ -21173,6 +21183,9 @@ for each such library print list of inferior @var{pid}s using it.
canned sequences of commands (@pxref{Sequences}), as long as @samp{set
auto-load gdb-scripts} is set to @samp{on}.
+Notice loading of this script file also requires accordingly configured
+@code{auto-load safe-path} (@pxref{Auto-loading safe path}).
+
For more background refer to the similar Python scripts auto-loading
description (@pxref{objfile-gdb.py file}).
@@ -25463,7 +25476,10 @@ then @value{GDBN} will look for @var{script-name} in all of the
directories mentioned in the value of @code{debug-file-directory}.
Finally, if this file does not exist, then @value{GDBN} will look for
-@var{script-name} file in all of the directories specified by:
+@var{script-name} file in all of the directories as specified below.
+
+Notice loading of this script file also requires accordingly configured
+@code{auto-load safe-path} (@pxref{Auto-loading safe path}).
@table @code
@anchor{set auto-load scripts-directory}
@@ -25539,6 +25555,9 @@ DEFINE_GDB_SCRIPT ("my-app-scripts.py")
The script name may include directories if desired.
+Notice loading of this script file also requires accordingly configured
+@code{auto-load safe-path} (@pxref{Auto-loading safe path}).
+
If the macro is put in a header, any application or library
using this header will get a reference to the specified script.