From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from simark.ca by simark.ca with LMTP id sIPoLu/dv2X5DhMAWB0awg (envelope-from ) for ; Sun, 04 Feb 2024 13:56:47 -0500 Authentication-Results: simark.ca; dkim=pass (2048-bit key; unprotected) header.d=gnu.org header.i=@gnu.org header.a=rsa-sha256 header.s=fencepost-gnu-org header.b=DfItHlzg; dkim-atps=neutral Received: by simark.ca (Postfix, from userid 112) id BAEC31E0C3; Sun, 4 Feb 2024 13:56:47 -0500 (EST) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by simark.ca (Postfix) with ESMTPS id A97911E092 for ; Sun, 4 Feb 2024 13:56:45 -0500 (EST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 58AC13858436 for ; Sun, 4 Feb 2024 18:56:45 +0000 (GMT) Received: from eggs.gnu.org (eggs.gnu.org [IPv6:2001:470:142:3::10]) by sourceware.org (Postfix) with ESMTPS id C4CF53858CDB for ; Sun, 4 Feb 2024 18:56:27 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C4CF53858CDB Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gnu.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gnu.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org C4CF53858CDB Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2001:470:142:3::10 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1707072990; cv=none; b=unSYS1HK5ndVIc8nihgvYJ04uwBFIUmMLKnViEUD/WpATeX3SnFEza0SqGucRsGTqmqH9J1Ddza+bQxRf5bBWC2vcQRSq9wKxdNBnORhkoytr0DVVDHTKAPzsVc29rliB2kdiyStTvHkPH7jXjo+U5LiS4iQmXXTb9k8bHaVV3Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1707072990; c=relaxed/simple; bh=5f4m+g/7uEuAZun9D3EKkwBJqWvgDwr5zFCWte3qBkM=; h=DKIM-Signature:Date:Message-Id:From:To:Subject; b=G3dyAi2pbuvrBlTslDn8q4HeNq7kSvYFHsxFUIXUee0Qk9LW5f7aQw3WZts6u8meaQzV37YZM3pg7Z92Wo5HyME37KvjRLReDrZMcQwX3SO4VweCtKeskIoeOsnkKMCxQRkoeKsCrPlY+rpeGn1/gNW2a9TpqAmgdRRMSr+xVIM= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rWhfE-0007Om-95; Sun, 04 Feb 2024 13:56:24 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=nb9cQkVfAPfXb6UhbzCsFXEY1+3FC7Cl/nXIGqcD6BA=; b=DfItHlzgziPm sj2fvSX5tvWjLqO/4vi+CcfkE+D05T+brEZQLjnrKNl+SMOPfPZByjJ+F2fFW0q9dlKFfE9pKyP7Y 1uT3rxEsfw45QeF42yRsU3UAEtU/VYgl0SnrnBDxvWOwlK/TGdc1s8jriRqeHn4B/M3otYJMiJvu5 fMDT48Gd/y6WbpqwBghCjp15to5frk6Wia4OSqwi03zvSvuDICAHnTgxdcZeRmsqb8bR/q4/hUQgb 5ahxgTUNpE4LfoPWuKCuGPcKdCieBLGEomFZJHpW1rw5np4VVg/HXzltn47VmHTZJLnXsNVlO3DQn a55W28BbOd1qsQRmiO4TCg==; Date: Sun, 04 Feb 2024 20:56:19 +0200 Message-Id: <86zfwg12jw.fsf@gnu.org> From: Eli Zaretskii To: Andreas Schwab Cc: aburgess@redhat.com, gdb-patches@sourceware.org, siddhesh@redhat.com, kevinb@redhat.com, simark@simark.ca, felix.willgerodt@intel.com, paulkoning@comcast.net In-Reply-To: <875xz42kic.fsf@igel.home> (message from Andreas Schwab on Sun, 04 Feb 2024 18:43:07 +0100) Subject: Re: [RFC] Adding a SECURITY policy for GDB References: <877cmvui64.fsf@redhat.com> <87wmtog2f4.fsf@redhat.com> <83cyvfy7a2.fsf@gnu.org> <877cjk5jo5.fsf@redhat.com> <8634u82lna.fsf@gnu.org> <875xz42kic.fsf@igel.home> X-Spam-Status: No, score=0.2 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, SPF_HELO_PASS, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gdb-patches@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gdb-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: gdb-patches-bounces+public-inbox=simark.ca@sourceware.org > From: Andreas Schwab > Cc: Andrew Burgess , gdb-patches@sourceware.org, > siddhesh@redhat.com, kevinb@redhat.com, simark@simark.ca, > felix.willgerodt@intel.com, paulkoning@comcast.net > Date: Sun, 04 Feb 2024 18:43:07 +0100 > > On Feb 04 2024, Eli Zaretskii wrote: > > > What bothered me here is that when you say "gdb ./program", GDB can do > > two things which constitute code execution: > > > > . run some startup code in the program, for example, load some > > shared libraries, which could trigger execution of some code in > > those libraries, or > > . process various init files, which could invoke code in > > Python/Guile, or call functions inside the debuggee > > > > The second item actually happens when you say "gdb ./emacs" in the src > > directory of an Emacs source tree, because there's a .gdbinit file > > Not by default. It needs to be enabled by setting the auto-load > safe-path. That's a subtlety that, if significant, should IMO be explicitly mentioned, because otherwise talking about "user issuing a GDB command triggering execution (either from the GDB command line, a GDB configuration file, or from the GDB prompt)" does not necessarily include the above. For example, the .gdbinit file that comes with Emacs was not written by any particular user of GDB who happens to debug Emacs.