From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 93305 invoked by alias); 25 Jul 2015 16:41:52 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Received: (qmail 93295 invoked by uid 89); 25 Jul 2015 16:41:52 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_SOFTFAIL autolearn=no version=3.3.2 X-HELO: mtaout29.012.net.il Received: from mtaout29.012.net.il (HELO mtaout29.012.net.il) (80.179.55.185) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sat, 25 Jul 2015 16:41:49 +0000 Received: from conversion-daemon.mtaout29.012.net.il by mtaout29.012.net.il (HyperSendmail v2007.08) id <0NS100A00XPSL800@mtaout29.012.net.il> for gdb-patches@sourceware.org; Sat, 25 Jul 2015 19:41:24 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.4.28]) by mtaout29.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0NS1002TRYD0LQB0@mtaout29.012.net.il>; Sat, 25 Jul 2015 19:41:24 +0300 (IDT) Date: Sat, 25 Jul 2015 16:41:00 -0000 From: Eli Zaretskii Subject: Re: [PATCH] Make sure GDB uses a valid shell when starting the inferior and to perform the "shell" command In-reply-to: <87oaj042uz.fsf@redhat.com> To: Sergio Durigan Junior Cc: simon.marchi@ericsson.com, gdb-patches@sourceware.org Reply-to: Eli Zaretskii Message-id: <834mks196a.fsf@gnu.org> References: <1437761993-18758-1-git-send-email-sergiodj@redhat.com> <55B2850D.6030306@ericsson.com> <87k2tp5q3g.fsf@redhat.com> <838ua52wmp.fsf@gnu.org> <87fv4d5p8l.fsf@redhat.com> <837fpp2uz5.fsf@gnu.org> <55B29B84.5000707@ericsson.com> <8361583e6v.fsf@gnu.org> <87oaj042uz.fsf@redhat.com> X-IsSubscribed: yes X-SW-Source: 2015-07/txt/msg00749.txt.bz2 > From: Sergio Durigan Junior > Cc: Simon Marchi , gdb-patches@sourceware.org > Date: Sat, 25 Jul 2015 12:29:56 -0400 > > My goal was not to match every possible invalid shell out there, nor to > make sure that the specified shell is a known and valid shell. My goal > was to make sure that the shell exists, is an executable, and is not > something that is commonly used to disable logins (/sbin/nologin or > /bin/false are the obvious candidates here). > > The 2 additional candidates that have been mentioned were actually just > 1: I did not remember to include /bin/false in the list before, but > /usr/sbin/nologin is nologin (and I could even just check for the > basename as you proposed in another message, eliminating the need to > include checks for {,/usr}). > > I don't think we will see the list of non-shells expanding much more. > One can always say "Hey, but /bin/ls is a not a shell!", and we will say > "Right, and it is not commonly used as shell anyway". Just reading the section you proposed for the manual seems to imply the goals are much wider than you say above. If we only want to avoid these 2 non-shells, why do we even need to document that obscure detail? > Finally, I don't want to forbid the user to specify her own shell to run > the inferior, and to name her shell as she wants. Her shell could be named /sbin/nologin, no?