From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-patches-return-80725-listarch-gdb-patches=sources.redhat.com@sourceware.org>
Received: (qmail 25489 invoked by alias); 2 May 2011 19:15:19 -0000
Received: (qmail 25478 invoked by uid 22791); 2 May 2011 19:15:18 -0000
X-SWARE-Spam-Status: No, hits=-6.4 required=5.0	tests=AWL,BAYES_00,RCVD_IN_DNSWL_HI,SPF_HELO_PASS,T_RP_MATCHES_RCVD
X-Spam-Check-By: sourceware.org
Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28)    by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Mon, 02 May 2011 19:14:59 +0000
Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22])	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p42JExBA004427	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)	for <gdb-patches@sourceware.org>; Mon, 2 May 2011 15:14:59 -0400
Received: from host1.jankratochvil.net (ovpn01.gateway.prod.ext.phx2.redhat.com [10.5.9.1])	by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p42JEuuu018109	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);	Mon, 2 May 2011 15:14:58 -0400
Received: from host1.jankratochvil.net (localhost [127.0.0.1])	by host1.jankratochvil.net (8.14.4/8.14.4) with ESMTP id p42JEuMr013671;	Mon, 2 May 2011 21:14:56 +0200
Received: (from jkratoch@localhost)	by host1.jankratochvil.net (8.14.4/8.14.4/Submit) id p42JEtD8013670;	Mon, 2 May 2011 21:14:55 +0200
Date: Mon, 02 May 2011 19:15:00 -0000
From: Jan Kratochvil <jan.kratochvil@redhat.com>
To: Doug Evans <dje@google.com>
Cc: gdb-patches@sourceware.org, Tom Tromey <tromey@redhat.com>
Subject: Re: [RFA] Add $pdir as entry for libthread-db-search-path.
Message-ID: <20110502191455.GA6481@host1.jankratochvil.net>
References: <20110429035837.9A1EA24619F@ruffy.mtv.corp.google.com> <20110429123634.GA23843@host1.jankratochvil.net> <BANLkTinAR8yLHhR7KF8ROLTVQskA6fLQdg@mail.gmail.com> <20110429170824.GA6107@host1.jankratochvil.net> <BANLkTinagVcXZqvOg80eoFMnyaw9T0OYUw@mail.gmail.com> <BANLkTin84GeKykSDmc=heySNtCypMqWgdA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <BANLkTin84GeKykSDmc=heySNtCypMqWgdA@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-IsSubscribed: yes
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <gdb-patches.sourceware.org>
List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: gdb-patches-owner@sourceware.org
X-SW-Source: 2011-05/txt/msg00036.txt.bz2

On Sun, 01 May 2011 20:34:02 +0200, Doug Evans wrote:
> 1) This is a patch for the FSF tree, not Fedora.
> If this kind of security concern is the rule for the FSF tree

As both libthread_db and pretty printers have the same attack surface (*) as
	DWARF expression overflow
	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-4146
where this CVE lists all public GNU/Linux vendors I do not think such security
requirement is Fedora specific.

(*) That is a foreign binary which is enough to just load into GDB.

OTOH the other attack
	.gdbinit current directory execution
	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1705
also lists multiple GNU/Linux vendors and the issue is not yet fixed in FSF
GDB.  But this is IMO just still work in prograss / unfinished, not rejected:
	[RFA] .gdbinit security (revived) [incl doc]
	http://sourceware.org/ml/gdb-patches/2010-11/msg00276.html


Thanks,
Jan