This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [PATCH] Make sure GDB uses a valid shell when starting the inferior and to perform the "shell" command
- From: Sergio Durigan Junior <sergiodj at redhat dot com>
- To: Eli Zaretskii <eliz at gnu dot org>
- Cc: simon dot marchi at ericsson dot com, gdb-patches at sourceware dot org
- Date: Sat, 25 Jul 2015 13:03:12 -0400
- Subject: Re: [PATCH] Make sure GDB uses a valid shell when starting the inferior and to perform the "shell" command
- Authentication-results: sourceware.org; auth=none
- References: <1437761993-18758-1-git-send-email-sergiodj at redhat dot com> <55B2850D dot 6030306 at ericsson dot com> <87k2tp5q3g dot fsf at redhat dot com> <838ua52wmp dot fsf at gnu dot org> <87fv4d5p8l dot fsf at redhat dot com> <837fpp2uz5 dot fsf at gnu dot org> <55B29B84 dot 5000707 at ericsson dot com> <8361583e6v dot fsf at gnu dot org> <87oaj042uz dot fsf at redhat dot com> <834mks196a dot fsf at gnu dot org>
On Saturday, July 25 2015, Eli Zaretskii wrote:
>> From: Sergio Durigan Junior <sergiodj@redhat.com>
>> Cc: Simon Marchi <simon.marchi@ericsson.com>, gdb-patches@sourceware.org
>> Date: Sat, 25 Jul 2015 12:29:56 -0400
>>
>> My goal was not to match every possible invalid shell out there, nor to
>> make sure that the specified shell is a known and valid shell. My goal
>> was to make sure that the shell exists, is an executable, and is not
>> something that is commonly used to disable logins (/sbin/nologin or
>> /bin/false are the obvious candidates here).
>>
>> The 2 additional candidates that have been mentioned were actually just
>> 1: I did not remember to include /bin/false in the list before, but
>> /usr/sbin/nologin is nologin (and I could even just check for the
>> basename as you proposed in another message, eliminating the need to
>> include checks for {,/usr}).
>>
>> I don't think we will see the list of non-shells expanding much more.
>> One can always say "Hey, but /bin/ls is a not a shell!", and we will say
>> "Right, and it is not commonly used as shell anyway".
>
> Just reading the section you proposed for the manual seems to imply
> the goals are much wider than you say above. If we only want to avoid
> these 2 non-shells, why do we even need to document that obscure
> detail?
Because I think it is worth documenting this to the user; the more
information we give about how GDB behaves, the better (IMHO).
The new section says:
@node Valid Shell
@subsection Valid Shell
@value{GDBN} considers a @emph{valid shell} a file that:
@enumerate
@item
Exists and can be executed by the user.
@item
Is not the @file{/sbin/nologin} (or @file{/usr/sbin/nologin}) program.
@item
Is not the @file{/bin/false} program.
@end enumerate
If any of those conditions are not met, the specified shell is not
used by @value{GDBN}.
I do not see any difference from what I said above, but if you think
this text can be improved, or that this text is not needed at all, then
by all means feel free to ask this.
>> Finally, I don't want to forbid the user to specify her own shell to run
>> the inferior, and to name her shell as she wants.
>
> Her shell could be named /sbin/nologin, no?
Yes... I should have said:
Finally, I don't want to forbid the user to specify her own shell to
run the inferior, and to name her shell as she wants, as long as it is
not named {,/usr}/sbin/nologin and /bin/false, and as long as it is an
existing file, and as long as this file can be executed by her.
Thanks,
--
Sergio
GPG key ID: 237A 54B1 0287 28BF 00EF 31F4 D0EB 7628 65FC 5E36
Please send encrypted e-mail if possible
http://sergiodj.net/