This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Also install data-directory into the build directory as computed by relocate_gdb_directory


On Thu, Oct 4, 2012 at 6:49 AM, Joel Brobecker <brobecker@adacore.com> wrote:
>> Why not?  Aren't there specific directories and/or files near the GDB
>> executable in this case?
>
> I have a feeling that this would open the door allowing attackers
> to setup GDB to execute unwanted code if we make it easy to reproduce
> the same environment and place GDB in a mode where it thinks it is
> inside a build directory.

auto-load safe-path isn't circumvented.
Ever done ./gdb ./gdb and got the complaint about gdb-gdb.gdb not
being loaded? :-)
[Working around that is in my ~/.gdbinit, but I still run into it from
time to time.]

Heh.  A thought occurred to me.
The default value of "auto-load safe-path" is
$debugdir:$datadir/auto-load.
Is it a bug that
./gdb --data-directory $(pwd)/data-directory ./gdb
loads data-directory/python/gdb/__init__.py
?

And do we need to augment Python's module loader to handle gdb's
auto-load safe-path?


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]