On Sunday 04 March 2007, Daniel Jacobowitz wrote:
> On Sun, Mar 04, 2007 at 06:08:02PM -0500, Mike Frysinger wrote:
> > attached patch checks to see if the $PWD/.gdbinit file is world writable
> > and if so, warn about this and refuse to load it
> >
> > idea being that since you can execute just about anything in it, you dont
> > want random people inserting this in it
> >
> > of course, the usefulness of this is marginalized if .gdbinit is owned by
> > a diff user and they just make it world readable but not world writable
> > ... but i dont think a cwdbuf.st_uid == getuid() would be accepted ?
>
> You can find my more thorough patch for this in the archives, from
> late May 2006.  There was some feedback (to be honest I completely
> don't remember what it was) and I never got back to it.  I think Red
> Hat has a different patch for it in their RPMS, too.

ah i had searched but hadnt found that one since it dated so old (June 2005: 
RFC: Check permissions of .gdbinit files)

thanks for the pointer
-mike