From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 6633 invoked by alias); 9 May 2012 18:26:43 -0000 Received: (qmail 6625 invoked by uid 22791); 9 May 2012 18:26:42 -0000 X-SWARE-Spam-Status: No, hits=-6.1 required=5.0 tests=AWL,BAYES_00,KHOP_RCVD_UNTRUST,RCVD_IN_DNSWL_HI,SPF_HELO_PASS,TW_BJ,T_RP_MATCHES_RCVD X-Spam-Check-By: sourceware.org Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Wed, 09 May 2012 18:26:29 +0000 Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q49IQ5cd031161 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 9 May 2012 14:26:05 -0400 Received: from host2.jankratochvil.net (ovpn-116-17.ams2.redhat.com [10.36.116.17]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id q49IPue4000346 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 9 May 2012 14:26:01 -0400 Date: Wed, 09 May 2012 18:26:00 -0000 From: Jan Kratochvil To: Joel Brobecker Cc: gdb-patches@sourceware.org, Eli Zaretskii Subject: [doc patch] auto-load: Make more set auto-load safe-path references [Re: [patch#3 5/8] set auto-load safe-path] Message-ID: <20120509182555.GA16482@host2.jankratochvil.net> References: <20120403185058.GE14189@host2.jankratochvil.net> <20120509042129.GA24867@adacore.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20120509042129.GA24867@adacore.com> User-Agent: Mutt/1.5.21 (2010-09-15) X-IsSubscribed: yes Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org X-SW-Source: 2012-05/txt/msg00296.txt.bz2 Hi Joel, On Wed, 09 May 2012 06:21:29 +0200, Joel Brobecker wrote: > In my opinion, we should definitely mention the "auto-load safe-path" > setting at the very beginning of the auto-load section, before we start > talking about the various kinds of files that can be automatically > loaded. And I also think that it would be beneficial to add a reference > to the safe-path setting in all "set auto-load ..." commands, to make > sure that people who quickly search the documentation do not miss the > important fact that setting "auto-load local-gdbinit" to "on" might not > be sufficient. attached. > And lastly, it would have been nice if, after reading the documentation, > the user could have had a sense of what policy GDB implements by default. > For instance, GDB's default policy is to enable auto-loading of all > files, but only from trusted directories specified via the "auto-load > safe-path" setting. There is already that paragraph (in Node: Auto-loading safe path): Setting this variable to `/' disables this security protection, corresponding GDB configuration option is `--without-auto-load-safe-path'. This variable is supposed to be set to the system directories writable by the system superuser only. Users can add their source directories in init files in their home directories (*note Home Directory Init File::). See also deprecated init file in the current directory (*note Init File in the Current Directory during Startup::). Do you find it insufficient? Thanks, Jan gdb/doc 2012-05-09 Jan Kratochvil * gdb.texinfo (Auto-loading, Init File in the Current Directory) (libthread_db.so.1 file, objfile-gdb.gdb file, objfile-gdb.py file) (dotdebug_gdb_scripts section): Add reference to 'Auto-loading safe path'. --- a/gdb/doc/gdb.texinfo +++ b/gdb/doc/gdb.texinfo @@ -20973,6 +20973,10 @@ without being explicitly told so by the user. We call this feature results or introduce security risks (e.g., if the file comes from untrusted sources). +Notice loading of these associated files (including the local @file{.gdbinit} +file) requires accordingly configured @code{auto-load safe-path} +(@pxref{Auto-loading safe path}). + For these reasons, @value{GDBN} includes commands and options to let you control when to auto-load files and which files should be auto-loaded. @@ -21110,6 +21114,9 @@ By default, @value{GDBN} reads and executes the canned sequences of commands from init file (if any) in the current working directory, see @ref{Init File in the Current Directory during Startup}. +Notice loading of this local @file{.gdbinit} file also requires accordingly +configured @code{auto-load safe-path} (@pxref{Auto-loading safe path}). + @table @code @anchor{set auto-load local-gdbinit} @kindex set auto-load local-gdbinit @@ -21146,6 +21153,9 @@ libraries have to be trusted in general. In all other cases of auto-load libthread-db} is enabled before trying to open such thread debugging library. +Notice loading of this debugging library also requires accordingly configured +@code{auto-load safe-path} (@pxref{Auto-loading safe path}). + @table @code @anchor{set auto-load libthread-db} @kindex set auto-load libthread-db @@ -21173,6 +21183,9 @@ for each such library print list of inferior @var{pid}s using it. canned sequences of commands (@pxref{Sequences}), as long as @samp{set auto-load gdb-scripts} is set to @samp{on}. +Notice loading of this script file also requires accordingly configured +@code{auto-load safe-path} (@pxref{Auto-loading safe path}). + For more background refer to the similar Python scripts auto-loading description (@pxref{objfile-gdb.py file}). @@ -25463,7 +25476,10 @@ then @value{GDBN} will look for @var{script-name} in all of the directories mentioned in the value of @code{debug-file-directory}. Finally, if this file does not exist, then @value{GDBN} will look for -@var{script-name} file in all of the directories specified by: +@var{script-name} file in all of the directories as specified below. + +Notice loading of this script file also requires accordingly configured +@code{auto-load safe-path} (@pxref{Auto-loading safe path}). @table @code @anchor{set auto-load scripts-directory} @@ -25539,6 +25555,9 @@ DEFINE_GDB_SCRIPT ("my-app-scripts.py") The script name may include directories if desired. +Notice loading of this script file also requires accordingly configured +@code{auto-load safe-path} (@pxref{Auto-loading safe path}). + If the macro is put in a header, any application or library using this header will get a reference to the specified script.