From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-patches-return-39738-listarch-gdb-patches=sources.redhat.com@sources.redhat.com>
Received: (qmail 7246 invoked by alias); 30 May 2005 19:41:24 -0000
Mailing-List: contact gdb-patches-help@sources.redhat.com; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:gdb-patches-subscribe@sources.redhat.com>
List-Archive: <http://sources.redhat.com/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sources.redhat.com>
List-Help: <mailto:gdb-patches-help@sources.redhat.com>, <http://sources.redhat.com/ml/#faqs>
Sender: gdb-patches-owner@sources.redhat.com
Received: (qmail 7221 invoked by uid 22791); 30 May 2005 19:41:18 -0000
Received: from nevyn.them.org (HELO nevyn.them.org) (66.93.172.17)
    by sourceware.org (qpsmtpd/0.30-dev) with ESMTP; Mon, 30 May 2005 19:41:18 +0000
Received: from drow by nevyn.them.org with local (Exim 4.50)
	id 1Dcq8S-000847-0Q; Mon, 30 May 2005 15:41:16 -0400
Date: Mon, 30 May 2005 19:53:00 -0000
From: Daniel Jacobowitz <drow@false.org>
To: "Nathan J. Williams" <nathanw@wasabisystems.com>
Cc: gdb-patches@sourceware.org
Subject: Re: RFC: Check permissions of .gdbinit files
Message-ID: <20050530194115.GA30980@nevyn.them.org>
Mail-Followup-To: "Nathan J. Williams" <nathanw@wasabisystems.com>,
	gdb-patches@sourceware.org
References: <20050530185201.GA29332@nevyn.them.org> <mtu7jhgfshj.fsf@scrubbing-bubbles.mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <mtu7jhgfshj.fsf@scrubbing-bubbles.mit.edu>
User-Agent: Mutt/1.5.8i
X-SW-Source: 2005-05/txt/msg00641.txt.bz2

On Mon, May 30, 2005 at 03:01:28PM -0400, Nathan J. Williams wrote:
> Daniel Jacobowitz <drow@false.org> writes:
> 
> > Gentoo recently published a security update for GDB, citing the fact that
> > GDB would load .gdbinit from the current directory even if that was owned by
> > another user.  I'm not sure how I feel about running GDB in an untrusted
> > directory or on untrusted binaries and expecting it to behave sensibly, but
> > this particular issue is easy to fix.  Here's my suggested fix; it's not the
> > same as Gentoo's.  If .gdbinit is world writable or owned by a different
> > user, refuse to open it (and warn the user).
> > 
> > Anyone have opinions on this change?
> 
> I think the "owned by a different user" change is problematic. I've
> used build systems that autogenerated .gdbinit files in the build
> tree, and it would be entirely sensible for one developer to go and
> debug another developer's build.

Well that's the whole point.  You'll get a warning; would you be
happier if the warning explicitly suggested "source .gdbinit"?

-- 
Daniel Jacobowitz
CodeSourcery, LLC