From: Siddhesh Poyarekar <siddhesh@redhat.com>
To: Simon Marchi <simark@simark.ca>,
Andrew Burgess <aburgess@redhat.com>,
gdb-patches@sourceware.org
Subject: Re: [RFC] Adding a SECURITY policy for GDB
Date: Mon, 6 Nov 2023 15:09:44 -0500 [thread overview]
Message-ID: <201ad6f3-0e7d-4474-88bf-ba60568c8f2e@redhat.com> (raw)
In-Reply-To: <e5ad38d4-787c-4c0d-9df7-99f940376cf7@simark.ca>
On 2023-11-06 14:34, Simon Marchi wrote:
> On 11/6/23 08:26, Andrew Burgess wrote:
>> In the context of local debugging, any bugs in GDB that result in
>> crossing of a privilege boundary are considered security bugs. Some
>> examples of crossing a privilege boundary include; being able to
>> execute code as an arbitrarily different user, or accessing resources
>> (e.g. files, sockets, etc) for which the original user would not
>> normally have access.
>
> Do you have examples of this? It seems like any bug in that category would
> be bugs in the platform / OS, not GDB. If such a bug is possible to exploit
> with GDB, the user could another program to exploit the same bu
That's basically boilerplate to state that *if* such a thing ever
happens, it will be considered a security issue. I don't think there
are any such opportunities for misuse in gdb at the moment, but never
say never :)
Thanks,
Sid
next prev parent reply other threads:[~2023-11-06 20:10 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-06 13:26 Andrew Burgess
2023-11-06 18:55 ` Kevin Buettner
2023-11-06 19:34 ` Simon Marchi
2023-11-06 20:09 ` Siddhesh Poyarekar [this message]
2023-11-06 20:15 ` Simon Marchi
2023-11-07 12:17 ` Siddhesh Poyarekar
2023-11-07 14:22 ` Simon Marchi
2023-11-09 14:35 ` Willgerodt, Felix
2023-11-16 17:19 ` Andrew Burgess
2023-11-16 17:27 ` Paul Koning
2023-11-16 21:35 ` Siddhesh Poyarekar
2023-12-08 15:05 ` Andrew Burgess
2023-12-09 10:55 ` Eli Zaretskii
2024-02-04 15:32 ` Andrew Burgess
2024-02-04 17:18 ` Eli Zaretskii
2024-02-04 17:43 ` Andreas Schwab
2024-02-04 18:56 ` Eli Zaretskii
2024-02-05 11:06 ` Andrew Burgess
2023-12-12 7:27 ` Willgerodt, Felix
2024-02-04 15:36 ` [V3] " Andrew Burgess
2024-02-18 13:55 ` Andrew Burgess
2024-03-27 11:00 ` [V4] " Andrew Burgess
2024-04-08 11:01 ` [V5] " Andrew Burgess
2024-04-09 20:30 ` Tom Tromey
2024-04-10 10:22 ` Willgerodt, Felix
2024-04-26 15:44 ` Andrew Burgess
2024-02-05 21:01 ` Tom Tromey
2024-02-09 15:59 ` Andrew Burgess
2024-02-12 16:43 ` Guinevere Larsen
2024-02-12 17:06 ` Siddhesh Poyarekar
2024-02-14 15:03 ` Andrew Burgess
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201ad6f3-0e7d-4474-88bf-ba60568c8f2e@redhat.com \
--to=siddhesh@redhat.com \
--cc=aburgess@redhat.com \
--cc=gdb-patches@sourceware.org \
--cc=simark@simark.ca \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox