From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 9168 invoked by alias); 9 May 2012 05:29:50 -0000 Received: (qmail 9152 invoked by uid 22791); 9 May 2012 05:29:48 -0000 X-SWARE-Spam-Status: No, hits=-4.4 required=5.0 tests=AWL,BAYES_00,KHOP_THREADED,RCVD_IN_DNSWL_NONE,RCVD_IN_HOSTKARMA_NO,SPF_SOFTFAIL X-Spam-Check-By: sourceware.org Received: from mtaout21.012.net.il (HELO mtaout21.012.net.il) (80.179.55.169) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Wed, 09 May 2012 05:29:35 +0000 Received: from conversion-daemon.a-mtaout21.012.net.il by a-mtaout21.012.net.il (HyperSendmail v2007.08) id <0M3Q00C00PV7Z100@a-mtaout21.012.net.il> for gdb-patches@sourceware.org; Wed, 09 May 2012 08:28:59 +0300 (IDT) Received: from HOME-C4E4A596F7 ([87.69.210.75]) by a-mtaout21.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0M3Q00CNKPWAWS30@a-mtaout21.012.net.il>; Wed, 09 May 2012 08:28:59 +0300 (IDT) Date: Wed, 09 May 2012 05:29:00 -0000 From: Eli Zaretskii Subject: Re: [patch#3 5/8] set auto-load safe-path In-reply-to: <20120509042129.GA24867@adacore.com> To: Joel Brobecker Cc: jan.kratochvil@redhat.com, gdb-patches@sourceware.org Reply-to: Eli Zaretskii Message-id: <83ehqt2ac3.fsf@gnu.org> References: <20120403185058.GE14189@host2.jankratochvil.net> <20120509042129.GA24867@adacore.com> X-IsSubscribed: yes Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org X-SW-Source: 2012-05/txt/msg00252.txt.bz2 > Date: Tue, 8 May 2012 21:21:29 -0700 > From: Joel Brobecker > Cc: gdb-patches@sourceware.org, Eli Zaretskii > > I accept the new behavior, and the security claim, no problem. > I just think that we can improve on the documentation as follow: > > In my opinion, we should definitely mention the "auto-load safe-path" > setting at the very beginning of the auto-load section, before we start > talking about the various kinds of files that can be automatically > loaded. And I also think that it would be beneficial to add a reference > to the safe-path setting in all "set auto-load ..." commands, to make > sure that people who quickly search the documentation do not miss the > important fact that setting "auto-load local-gdbinit" to "on" might not > be sufficient. > > And lastly, it would have been nice if, after reading the documentation, > the user could have had a sense of what policy GDB implements by default. > For instance, GDB's default policy is to enable auto-loading of all > files, but only from trusted directories specified via the "auto-load > safe-path" setting. I would welcome patches ;-)