From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 18184 invoked by alias); 24 Mar 2012 19:19:04 -0000 Received: (qmail 18176 invoked by uid 22791); 24 Mar 2012 19:19:04 -0000 X-SWARE-Spam-Status: No, hits=-1.1 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_SOFTFAIL X-Spam-Check-By: sourceware.org Received: from mtaout21.012.net.il (HELO mtaout21.012.net.il) (80.179.55.169) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Sat, 24 Mar 2012 19:18:49 +0000 Received: from conversion-daemon.a-mtaout21.012.net.il by a-mtaout21.012.net.il (HyperSendmail v2007.08) id <0M1E00K00LE7TI00@a-mtaout21.012.net.il> for gdb-patches@sourceware.org; Sat, 24 Mar 2012 21:18:43 +0200 (IST) Received: from HOME-C4E4A596F7 ([84.229.240.24]) by a-mtaout21.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0M1E00KDPLN2P490@a-mtaout21.012.net.il>; Sat, 24 Mar 2012 21:18:39 +0200 (IST) Date: Sat, 24 Mar 2012 19:19:00 -0000 From: Eli Zaretskii Subject: Re: [patch 4/6] set auto-load safe-path In-reply-to: <20120324183946.GE26662@host2.jankratochvil.net> To: Jan Kratochvil Cc: gdb-patches@sourceware.org Reply-to: Eli Zaretskii Message-id: <834ntdu7sh.fsf@gnu.org> References: <20120324183946.GE26662@host2.jankratochvil.net> X-IsSubscribed: yes Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org X-SW-Source: 2012-03/txt/msg00836.txt.bz2 > Date: Sat, 24 Mar 2012 19:39:46 +0100 > From: Jan Kratochvil > > +set auto-load safe-path [:...] > +show auto-load safe-path > + Sets a list of directories safe to hold auto-loaded files. Set a list of directories from which it is safe to auto-load files. or Set a list of directories that are safe for storing auto-load files. > +Set the directories safe to hold auto-loaded files."), _("\ > +Show the directories safe to hold auto-loaded files."), _("\ Same here. > +@node auto-load safe-path > +@subsubsection Security restriction for auto-loading > +@cindex auto-load safe-path > + > +As the files of inferior can come from untrusted source (such as submitted by > +an application user) @value{GDBN} does not always load any files automatically. > + > +This setting should contain so called canonical filenames, after any symbolic > +links, current and parent directories have been resolved. Both the > +@samp{auto-load safe-path} setting and the scripts being verified are > +canonicalized first for their matching. > + > +@table @code > +@kindex set auto-load safe-path > +@item set auto-load safe-path @var{directories} > +Set the list of directories (and their subdirectories) trusted for automatic > +loading and execution of scripts. The list of directories uses directory > +separator as its delimiter. You can also enter a specific trusted file. > + > +@kindex show auto-load safe-path > +@item show auto-load safe-path > +Show the list of directories (and their subdirectories) trusted for automatic > +loading and execution of scripts. > +@end table > + > +Setting this variable to an empty string disables this security protection. > +This variable is supposed to be set to the system directories writable by the > +system superuser only. Users can add their source directories in home > +directories. See also the deprecated option @xref{local-gdbinit}. > + > +Be aware even downloaded source packages may contain exploit code which may get > +executed by @value{GDBN} without explicitly running any program therein. This text should explain what happens if an auto-load file is found in a directory not on this list. Is it silently ignored? ignored with a warning message? is the user prompted for permission to load it? something else?