From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 120650 invoked by alias); 25 Jul 2015 17:03:25 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Received: (qmail 120640 invoked by uid 89); 25 Jul 2015 17:03:24 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RP_MATCHES_RCVD,SPF_HELO_PASS autolearn=ham version=3.3.2 X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-GCM-SHA384 encrypted) ESMTPS; Sat, 25 Jul 2015 17:03:14 +0000 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (Postfix) with ESMTPS id 85569A85; Sat, 25 Jul 2015 17:03:13 +0000 (UTC) Received: from localhost (unused-10-15-17-51.yyz.redhat.com [10.15.17.51]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t6PH3CG7009334 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 25 Jul 2015 13:03:13 -0400 From: Sergio Durigan Junior To: Eli Zaretskii Cc: simon.marchi@ericsson.com, gdb-patches@sourceware.org Subject: Re: [PATCH] Make sure GDB uses a valid shell when starting the inferior and to perform the "shell" command References: <1437761993-18758-1-git-send-email-sergiodj@redhat.com> <55B2850D.6030306@ericsson.com> <87k2tp5q3g.fsf@redhat.com> <838ua52wmp.fsf@gnu.org> <87fv4d5p8l.fsf@redhat.com> <837fpp2uz5.fsf@gnu.org> <55B29B84.5000707@ericsson.com> <8361583e6v.fsf@gnu.org> <87oaj042uz.fsf@redhat.com> <834mks196a.fsf@gnu.org> X-URL: http://blog.sergiodj.net Date: Sat, 25 Jul 2015 17:03:00 -0000 In-Reply-To: <834mks196a.fsf@gnu.org> (Eli Zaretskii's message of "Sat, 25 Jul 2015 19:41:49 +0300") Message-ID: <87k2to41bj.fsf@redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-IsSubscribed: yes X-SW-Source: 2015-07/txt/msg00751.txt.bz2 On Saturday, July 25 2015, Eli Zaretskii wrote: >> From: Sergio Durigan Junior >> Cc: Simon Marchi , gdb-patches@sourceware.org >> Date: Sat, 25 Jul 2015 12:29:56 -0400 >> >> My goal was not to match every possible invalid shell out there, nor to >> make sure that the specified shell is a known and valid shell. My goal >> was to make sure that the shell exists, is an executable, and is not >> something that is commonly used to disable logins (/sbin/nologin or >> /bin/false are the obvious candidates here). >> >> The 2 additional candidates that have been mentioned were actually just >> 1: I did not remember to include /bin/false in the list before, but >> /usr/sbin/nologin is nologin (and I could even just check for the >> basename as you proposed in another message, eliminating the need to >> include checks for {,/usr}). >> >> I don't think we will see the list of non-shells expanding much more. >> One can always say "Hey, but /bin/ls is a not a shell!", and we will say >> "Right, and it is not commonly used as shell anyway". > > Just reading the section you proposed for the manual seems to imply > the goals are much wider than you say above. If we only want to avoid > these 2 non-shells, why do we even need to document that obscure > detail? Because I think it is worth documenting this to the user; the more information we give about how GDB behaves, the better (IMHO). The new section says: @node Valid Shell @subsection Valid Shell @value{GDBN} considers a @emph{valid shell} a file that: @enumerate @item Exists and can be executed by the user. @item Is not the @file{/sbin/nologin} (or @file{/usr/sbin/nologin}) program. @item Is not the @file{/bin/false} program. @end enumerate If any of those conditions are not met, the specified shell is not used by @value{GDBN}. I do not see any difference from what I said above, but if you think this text can be improved, or that this text is not needed at all, then by all means feel free to ask this. >> Finally, I don't want to forbid the user to specify her own shell to run >> the inferior, and to name her shell as she wants. > > Her shell could be named /sbin/nologin, no? Yes... I should have said: Finally, I don't want to forbid the user to specify her own shell to run the inferior, and to name her shell as she wants, as long as it is not named {,/usr}/sbin/nologin and /bin/false, and as long as it is an existing file, and as long as this file can be executed by her. Thanks, -- Sergio GPG key ID: 237A 54B1 0287 28BF 00EF 31F4 D0EB 7628 65FC 5E36 Please send encrypted e-mail if possible http://sergiodj.net/