Date: Tue, 17 Jan 2012 19:20:00 -0000
From: Jan Kratochvil
To: Doug Evans
Cc: gdb-patches@sourceware.org
Subject: Re: [patch] New set auto-load-local-gdbinit + disable it by default

On Tue, 17 Jan 2012 20:02:21 +0100, Doug Evans wrote:
> I wouldn't want to make such a substantial change based on a guess.

OK, I can post an online survey to or if you have any other idea.

> > (a) Extract first and second argument in shell, that will be several lines of
> >    code.
[...]
> As opposed to a script named, say, secure-gdb that did that?

The problem is that script needs to parse out properly the arguments
(executable/core/PID) including properly recognizing --args, which is probably
doable but I find it a bit fragile and definitely not easy.

> Maintenance of pure additions is far easier than maintenance of local
> mods that involve changes.

It will become difficult wrt maintenance of GDB options parsing compatibility.
But I accept it if you really oppose a new GDB option.

> My point is a security audit of GDB is more than just fixing the bugs
> we know of.
> As is taking on the job of keeping it that way.

I agree but there are no assigned resources for it. And I find it better to
ship a program with no known security flaws (*) than to ship it with known
security flaws. And after all I cannot choose the second option anyway.

(*) I believe there possibly may not be any.

Thanks,
Jan