[patch#2 4/6] set auto-load safe-path

Tue Apr 3 18:33:00 GMT 2012

On Fri, 30 Mar 2012 09:46:48 +0200, Eli Zaretskii wrote:
> OK, but perhaps say that a semi-colon is to be used on MS-Windows and
> MS-DOS systems.

Added (the details are already in texinfo, aren't they):

set auto-load safe-path <dir1>[:<dir2>...]
show auto-load safe-path
  Set a list of directories from which it is safe to auto-load files.
  The delimiter (':' above) may differ according to the host platform.

> > +@item show auto-load safe-path
> > +Show the list of directories (and their subdirectories) trusted for automatic
> > +loading and execution of scripts.
> 
> Does the command really show the subdirectories?  If not, I think you
> meant to say that having a directory in the list makes all of its
> subdirectories safe as well; if so, you should say this where you
> describe the "set" command.

True, removed "(and their subdirectories)" copy-paste mistake for "show".

> > +See also deprecated @ref{Current Directory Init File during Startup}.
> 
> Again, HTML-style references don't work well.  Use @pxref instead, as
> I showed in my other message.

Used:

Users can add their source directories in init files in 
their home directories (@pxref{Home Directory Init File}).  See also deprecated
init file in the current directory 
(@pxref{Init File in the Current Directory during Startup}).

Also used @samp for:

@item @samp{~/.gdbinit}: @samp{set auto-load no}

> > +Be aware even downloaded source packages may contain exploit code which may get
> > +executed by @value{GDBN} without explicitly running any program therein.
> 
> I'm not sure this text belongs to the GDB manual.  General-purpose
> security considerations are not the subject of this manual.

OK, removed.

> > +This setting should contain so called canonical filenames, after any symbolic
> > +links, current and parent directories have been resolved.
> 
> That's a nuisance for users, isn't it?  Suppose the sysadmin
> reconfigures the system so that my home directory is moved to another
> filesystem -- all my safe directories will stop working at that very
> instant, right?  Where's the principle of the least astonishment?

I agree, I was scared of some security hole due to it but I cannot see any.

Adjusted the code but it does not have much effect, GDB uses realpath everywhere.
I understand it is more convenient for use to see
	/usr/lib/debug/usr/bin/gencat.debug
than to see
	/usr/lib/debug/.build-id/00/23afd72ceb9ca801978b36da0cdb172d74d185.debug

Anyway the doc text is now:

This setting applies to the pathnames as entered by user.  If no entry matches
@value{GDBN} tries as a last resort to also resolve all the pathnames into
their canonical form (typically resolving symbolic links) and compare the
entries again.  @value{GDBN} already canonicalizes most of the filenames on its
own before starting the comparison so a canonical form of directories is 
recommended to be entered.

Thanks,
Jan