This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [PATCH] Make sure GDB uses a valid shell when starting the inferior and to perform the "shell" command
- From: Sergio Durigan Junior <sergiodj at redhat dot com>
- To: Eli Zaretskii <eliz at gnu dot org>
- Cc: simon dot marchi at ericsson dot com, gdb-patches at sourceware dot org
- Date: Fri, 24 Jul 2015 15:28:58 -0400
- Subject: Re: [PATCH] Make sure GDB uses a valid shell when starting the inferior and to perform the "shell" command
- Authentication-results: sourceware.org; auth=none
- References: <1437761993-18758-1-git-send-email-sergiodj at redhat dot com> <55B2850D dot 6030306 at ericsson dot com> <87k2tp5q3g dot fsf at redhat dot com> <838ua52wmp dot fsf at gnu dot org>
On Friday, July 24 2015, Eli Zaretskii wrote:
>> From: Sergio Durigan Junior <sergiodj@redhat.com>
>> Cc: GDB Patches <gdb-patches@sourceware.org>
>> Date: Fri, 24 Jul 2015 15:10:27 -0400
>>
>> > Note that on my Ubuntu 14.04:
>> >
>> > $ which nologin
>> > /usr/sbin/nologin
>>
>> /sbin/nologin is probably a symlink to this file, isn't it? But yeah,
>> the check could include /usr/sbin/nologin as well.
>>
>> > I think that /bin/false is also commonly specified as the default shell
>> > for system users (at least according to my /etc/passwd).
>>
>> Indeed. I will include /bin/false as well.
>
> Since the number of valid shells is much smaller than the number of
> non-shell programs, isn't it better to have a database of known shells
> than to have a database of non-shells people could be expected to set
> SHELL to?
My intention is not to catch all the invalid shells that can be set, but
rather make sure that the shell is at least an executable, and is not
something that is commonly used as a "non-shell", like /sbin/nologin or
/bin/false. Other than these two I cannot think of many more options to
cover in the check.
Another good thing about doing this type of check is that every known
and unknown shell will still work. When we explicitly check for certain
shell's as you suggest, it means that if we forget any of them its users
will be negatively impacted.
--
Sergio
GPG key ID: 237A 54B1 0287 28BF 00EF 31F4 D0EB 7628 65FC 5E36
Please send encrypted e-mail if possible
http://sergiodj.net/