From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 25970 invoked by alias); 22 Apr 2012 16:52:01 -0000 Received: (qmail 25960 invoked by uid 22791); 22 Apr 2012 16:51:58 -0000 X-SWARE-Spam-Status: No, hits=-6.3 required=5.0 tests=AWL,BAYES_00,KHOP_RCVD_UNTRUST,RCVD_IN_DNSWL_HI,RCVD_IN_HOSTKARMA_W,SPF_HELO_PASS,T_RP_MATCHES_RCVD X-Spam-Check-By: sourceware.org Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Sun, 22 Apr 2012 16:51:36 +0000 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q3MGpZLV019826 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sun, 22 Apr 2012 12:51:35 -0400 Received: from host2.jankratochvil.net (ovpn-116-17.ams2.redhat.com [10.36.116.17]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id q3MGpSbO028077 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Sun, 22 Apr 2012 12:51:31 -0400 Date: Sun, 22 Apr 2012 16:52:00 -0000 From: Jan Kratochvil To: gdb-patches@sourceware.org Cc: Doug Evans Subject: [patch] auto-load safe-path reset back by set "" Message-ID: <20120422165128.GA21820@host2.jankratochvil.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-IsSubscribed: yes Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org X-SW-Source: 2012-04/txt/msg00721.txt.bz2 Hi, from off-list discussion with Doug I have realized the current GDB practice is that "set var" will reset it to the factory defaults: (gdb) set libthread-db-search-path a (gdb) show libthread-db-search-path The current search path or libthread_db is "a". (gdb) set libthread-db-search-path (gdb) show libthread-db-search-path The current search path or libthread_db is "$sdir:$pdir". A similar behavior can be seen for the "directory" command. Doug's complaint was that "set auto-load safe-path" can be never reset back to the GDB compilation settings. Therefore before the auto-load feature gets in a more widespread use / release proposing this change. common: (gdb) show auto-load safe-path List of directories from which it is safe to auto-load files is /usr/local. (gdb) set auto-load safe-path ~/src (gdb) show auto-load safe-path List of directories from which it is safe to auto-load files is ~/src. (gdb) set auto-load safe-path (gdb) show auto-load safe-path before: Auto-load files are safe to load from any directory. after: List of directories from which it is safe to auto-load files is /usr/local. (gdb) set auto-load safe-path / (gdb) show auto-load safe-path Auto-load files are safe to load from any directory. TBH I would rather change "set libthread-db-search-path" so that any "set VAR" sets VAR to "" as I find it a bit confusing this way but I find it not worth the trouble changing for established "set libthread-db-search-path" so why to make "set auto-load safe-path" different. No regressions on {x86_64,x86_64-m32,i686}-fedora17-linux-gnu. I will check it in, I do not think there are going to be complaints making the behavior more in the GDB style. Thanks, Jan gdb/ 2012-04-22 Jan Kratochvil * auto-load.c (set_auto_load_safe_path): Reset AUTO_LOAD_SAFE_PATH back to DEFAULT_AUTO_LOAD_SAFE_PATH if it is being set to "". (show_auto_load_safe_path): Check any-directory by comparison with "/". (add_auto_load_safe_path): Change the error message. (_initialize_auto_load): Change the "safe-path" help text. * configure: Regenerate * configure.ac (--without-auto-load-safe-path): Set WITH_AUTO_LOAD_SAFE_PATH to /. gdb/doc/ 2012-04-22 Jan Kratochvil * gdb.texinfo (Auto-loading safe path): Make 'directories' for 'set auto-load safe-path' optional. Mention if it is omitted. Change disabling security protection condition to "/", twice. diff --git a/gdb/auto-load.c b/gdb/auto-load.c index 9d19179..9d4d0bc 100644 --- a/gdb/auto-load.c +++ b/gdb/auto-load.c @@ -181,6 +181,12 @@ auto_load_safe_path_vec_update (void) static void set_auto_load_safe_path (char *args, int from_tty, struct cmd_list_element *c) { + if (auto_load_safe_path[0] == '\0') + { + xfree (auto_load_safe_path); + auto_load_safe_path = xstrdup (DEFAULT_AUTO_LOAD_SAFE_PATH); + } + auto_load_safe_path_vec_update (); } @@ -190,7 +196,7 @@ static void show_auto_load_safe_path (struct ui_file *file, int from_tty, struct cmd_list_element *c, const char *value) { - if (*value == 0) + if (strcmp (value, "/") == 0) fprintf_filtered (file, _("Auto-load files are safe to load from any " "directory.\n")); else @@ -209,8 +215,9 @@ add_auto_load_safe_path (char *args, int from_tty) if (args == NULL || *args == 0) error (_("\ -Adding empty directory element disables the auto-load safe-path security. \ -Use 'set auto-load safe-path' instead if you mean that.")); +Directory argument required.\n\ +Use 'set auto-load safe-path /' for disabling the auto-load safe-path security.\ +")); s = xstrprintf ("%s%c%s", auto_load_safe_path, DIRNAME_SEPARATOR, args); xfree (auto_load_safe_path); @@ -1023,8 +1036,10 @@ Set the list of directories from which it is safe to auto-load files."), _("\ Show the list of directories from which it is safe to auto-load files."), _("\ Various files loaded automatically for the 'set auto-load ...' options must\n\ be located in one of the directories listed by this option. Warning will be\n\ -printed and file will not be used otherwise. Use empty string (or even\n\ -empty directory entry) to allow any file for the 'set auto-load ...' options.\n\ +printed and file will not be used otherwise.\n\ +Setting this parameter to an empty list resets it to its default value.\n\ +Setting this parameter to '/' (without the quotes) allows any file\n\ +for the 'set auto-load ...' options.\n\ This option is ignored for the kinds of files having 'set auto-load ... off'.\n\ This options has security implications for untrusted inferiors."), set_auto_load_safe_path, diff --git a/gdb/configure b/gdb/configure index 54c2399..42d2fbd 100755 --- a/gdb/configure +++ b/gdb/configure @@ -4949,7 +4949,7 @@ $as_echo_n "checking for default auto-load safe-path... " >&6; } # Check whether --with-auto-load-safe-path was given. if test "${with_auto_load_safe_path+set}" = set; then : withval=$with_auto_load_safe_path; if test "$with_auto_load_safe_path" = "no"; then - with_auto_load_safe_path="" + with_auto_load_safe_path="/" fi else with_auto_load_safe_path="$prefix" diff --git a/gdb/configure.ac b/gdb/configure.ac index a40c2e5..9bde18f 100644 --- a/gdb/configure.ac +++ b/gdb/configure.ac @@ -140,7 +140,7 @@ AC_ARG_WITH(auto-load-safe-path, AS_HELP_STRING([--with-auto-load-safe-path=PATH], [directories safe to hold auto-loaded files]) AS_HELP_STRING([--without-auto-load-safe-path], [do not restrict auto-loaded files locations]), [if test "$with_auto_load_safe_path" = "no"; then - with_auto_load_safe_path="" + with_auto_load_safe_path="/" fi], [with_auto_load_safe_path="$prefix"]) AC_DEFINE_DIR(DEFAULT_AUTO_LOAD_SAFE_PATH, with_auto_load_safe_path, diff --git a/gdb/doc/gdb.texinfo b/gdb/doc/gdb.texinfo index e8be746..6d9f0c0 100644 --- a/gdb/doc/gdb.texinfo +++ b/gdb/doc/gdb.texinfo @@ -21105,9 +21105,12 @@ The list of trusted directories is controlled by the following commands: @table @code @anchor{set auto-load safe-path} @kindex set auto-load safe-path -@item set auto-load safe-path @var{directories} +@item set auto-load safe-path [@var{directories}] Set the list of directories (and their subdirectories) trusted for automatic loading and execution of scripts. You can also enter a specific trusted file. +If you omit @var{directories}, @samp{auto-load safe-path} will be reset to +its default value as specified during @value{GDBN} compilation. + The list of directories uses directory separator (@samp{:} on GNU and Unix systems, @samp{;} on MS-Windows and MS-DOS) to separate directories, similarly to the @env{PATH} environment variable. @@ -21126,7 +21129,8 @@ loading and execution of scripts. Multiple entries may be delimited by the host platform directory separator in use. @end table -Setting this variable to an empty string disables this security protection. +Setting this variable to @code{"/"} (without the quotes) disables this security +protection. This variable is supposed to be set to the system directories writable by the system superuser only. Users can add their source directories in init files in their home directories (@pxref{Home Directory Init File}). See also deprecated @@ -21146,7 +21150,7 @@ by @samp{show auto-load safe-path} (such as @samp{/usr:/bin} in this example). Specify this directory as in the previous case but just for a single @value{GDBN} session. -@item @kbd{gdb -iex "set auto-load safe-path" [@dots{}]} +@item @kbd{gdb -iex "set auto-load safe-path /" [@dots{}]} Disable auto-loading safety for a single @value{GDBN} session. This assumes all the files you debug during this @value{GDBN} session will come from trusted sources.