From: Andrew Burgess
To: Siddhesh Poyarekar, Guinevere Larsen, gdb-patches@sourceware.org
Cc: Kevin Buettner, Simon Marchi, felix.willgerodt@intel.com, Paul Koning
Subject: Re: [RFC] Adding a SECURITY policy for GDB
Date: Wed, 14 Feb 2024 15:03:16 +0000

Siddhesh Poyarekar writes:

> On 2024-02-12 11:43, Guinevere Larsen wrote:
>> On 08/12/2023 16:05, Andrew Burgess wrote:
>>> One last thing, while writing this, I did wonder if this text would be
>>> better moved into the GDB manual, and the gdb/SECURITY.txt document
>>> should just say "See the GDB manual", but I figure that's a problem for
>>> future me, for now I just need to find some words we can all agree on.
>>>
>>> Thanks,
>>> Andrew
>>
>> Would it be possible to do the opposite and have the docs pull from the
>> txt document? I like the idea of having specific files that are easy to
>> check as a developer or end user, and I think having a file that says
>> "look at that other file" that contains everything GDB (and thus makes
>> it harder to quickly find what you're looking for) would muddle that a
>> little bit.
>
> Not to mention the fact that $topsrcdir/SECURITY* is the first place
> where people tend to look to report potential security issues. This is
> similar in principle to "Reporting bugs"; the manual is usually the last
> place one would look, although it makes sense to *also* put it in the
> manual.
>

Which is why the SECURITY* file would redirect to the definitive text.

But this feels like a future problem. First we need to reach consensus
on some actual words.

Thanks,
Andrew