[doc patch] auto-load: Make more set auto-load safe-path references [Re: [patch#3 5/8] set auto-load safe-path]

[Jan Kratochvil <jan.kratochvil@redhat.com>]

Hi Joel,

On Wed, 09 May 2012 06:21:29 +0200, Joel Brobecker wrote:
> In my opinion, we should definitely mention the "auto-load safe-path"
> setting at the very beginning of the auto-load section, before we start
> talking about the various kinds of files that can be automatically
> loaded. And I also think that it would be beneficial to add a reference
> to the safe-path setting in all "set auto-load ..." commands, to make
> sure that people who quickly search the documentation do not miss the
> important fact that setting "auto-load local-gdbinit" to "on" might not
> be sufficient.

attached.


> And lastly, it would have been nice if, after reading the documentation,
> the user could have had a sense of what policy GDB implements by default.
> For instance, GDB's default policy is to enable auto-loading of all
> files, but only from trusted directories specified via the "auto-load
> safe-path" setting.

There is already that paragraph (in Node: Auto-loading safe path):

   Setting this variable to `/' disables this security protection,
corresponding GDB configuration option is
`--without-auto-load-safe-path'.  This variable is supposed to be set
to the system directories writable by the system superuser only.  Users
can add their source directories in init files in their home
directories (*note Home Directory Init File::).  See also deprecated
init file in the current directory (*note Init File in the Current
Directory during Startup::).

Do you find it insufficient?


Thanks,
Jan


gdb/doc
2012-05-09  Jan Kratochvil  <jan.kratochvil@redhat.com>

	* gdb.texinfo (Auto-loading, Init File in the Current Directory)
	(libthread_db.so.1 file, objfile-gdb.gdb file, objfile-gdb.py file)
	(dotdebug_gdb_scripts section): Add reference
	to 'Auto-loading safe path'.

--- a/gdb/doc/gdb.texinfo
+++ b/gdb/doc/gdb.texinfo
@@ -20973,6 +20973,10 @@ without being explicitly told so by the user.  We call this feature
 results or introduce security risks (e.g., if the file comes from untrusted
 sources).
 
+Notice loading of these associated files (including the local @file{.gdbinit}
+file) requires accordingly configured @code{auto-load safe-path}
+(@pxref{Auto-loading safe path}).
+
 For these reasons, @value{GDBN} includes commands and options to let you
 control when to auto-load files and which files should be auto-loaded.
 
@@ -21110,6 +21114,9 @@ By default, @value{GDBN} reads and executes the canned sequences of commands
 from init file (if any) in the current working directory,
 see @ref{Init File in the Current Directory during Startup}.
 
+Notice loading of this local @file{.gdbinit} file also requires accordingly
+configured @code{auto-load safe-path} (@pxref{Auto-loading safe path}).
+
 @table @code
 @anchor{set auto-load local-gdbinit}
 @kindex set auto-load local-gdbinit
@@ -21146,6 +21153,9 @@ libraries have to be trusted in general.  In all other cases of
 auto-load libthread-db} is enabled before trying to open such thread debugging
 library.
 
+Notice loading of this debugging library also requires accordingly configured
+@code{auto-load safe-path} (@pxref{Auto-loading safe path}).
+
 @table @code
 @anchor{set auto-load libthread-db}
 @kindex set auto-load libthread-db
@@ -21173,6 +21183,9 @@ for each such library print list of inferior @var{pid}s using it.
 canned sequences of commands (@pxref{Sequences}), as long as @samp{set
 auto-load gdb-scripts} is set to @samp{on}.
 
+Notice loading of this script file also requires accordingly configured
+@code{auto-load safe-path} (@pxref{Auto-loading safe path}).
+
 For more background refer to the similar Python scripts auto-loading
 description (@pxref{objfile-gdb.py file}).
 
@@ -25463,7 +25476,10 @@ then @value{GDBN} will look for @var{script-name} in all of the
 directories mentioned in the value of @code{debug-file-directory}.
 
 Finally, if this file does not exist, then @value{GDBN} will look for
-@var{script-name} file in all of the directories specified by:
+@var{script-name} file in all of the directories as specified below.
+
+Notice loading of this script file also requires accordingly configured
+@code{auto-load safe-path} (@pxref{Auto-loading safe path}).
 
 @table @code
 @anchor{set auto-load scripts-directory}
@@ -25539,6 +25555,9 @@ DEFINE_GDB_SCRIPT ("my-app-scripts.py")
 
 The script name may include directories if desired.
 
+Notice loading of this script file also requires accordingly configured
+@code{auto-load safe-path} (@pxref{Auto-loading safe path}).
+
 If the macro is put in a header, any application or library
 using this header will get a reference to the specified script.