From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 49602 invoked by alias); 24 Jul 2015 21:36:42 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Received: (qmail 49581 invoked by uid 89); 24 Jul 2015 21:36:41 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 X-HELO: mail-ig0-f176.google.com Received: from mail-ig0-f176.google.com (HELO mail-ig0-f176.google.com) (209.85.213.176) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-GCM-SHA256 encrypted) ESMTPS; Fri, 24 Jul 2015 21:36:40 +0000 Received: by igbpg9 with SMTP id pg9so27108104igb.0 for ; Fri, 24 Jul 2015 14:36:38 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.50.102.7 with SMTP id fk7mr659657igb.49.1437773798444; Fri, 24 Jul 2015 14:36:38 -0700 (PDT) Received: by 10.36.111.206 with HTTP; Fri, 24 Jul 2015 14:36:38 -0700 (PDT) In-Reply-To: <6E0AD60C-689F-4958-964D-FD560FE77C06@dell.com> References: <1437761993-18758-1-git-send-email-sergiodj@redhat.com> <55B2850D.6030306@ericsson.com> <87k2tp5q3g.fsf@redhat.com> <838ua52wmp.fsf@gnu.org> <87fv4d5p8l.fsf@redhat.com> <837fpp2uz5.fsf@gnu.org> <94F6A309-A197-4A71-BEB9-42E009DD1EB5@dell.com> <55B2A24B.8000209@ericsson.com> <6E0AD60C-689F-4958-964D-FD560FE77C06@dell.com> Date: Fri, 24 Jul 2015 21:36:00 -0000 Message-ID: Subject: Re: [PATCH] Make sure GDB uses a valid shell when starting the inferior and to perform the "shell" command From: Matt Rice To: Paul_Koning@dell.com Cc: simon.marchi@ericsson.com, Eli Zaretskii , Sergio Durigan Junior , "gdb-patches@sourceware.org" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-IsSubscribed: yes X-SW-Source: 2015-07/txt/msg00734.txt.bz2 On Fri, Jul 24, 2015 at 1:42 PM, wrote: > >> On Jul 24, 2015, at 4:38 PM, Simon Marchi wr= ote: >> >> On 15-07-24 04:25 PM, Paul_Koning@Dell.com wrote: >>> But if you omit a shell, is the user of that shell blocked from using g= db? That=E2=80=99s not a good failure mode. It seems to me that omitting = a non-shell is much more forgiving: all that happens is that you don=E2=80= =99t get the friendly error message. >>> >>> So that says the explicit list should be of non-shells. >>> >>> paul >> >> With Eli's suggestion, if SHELL is valid but gdb doesn't know about it (= e.g. >> SHELL=3D/my/super/duper/shell), it will fall back to using /bin/sh. So = no, >> the user wouldn't be blocked. >> >> > Not unless the features in that unknown shell are needed for the applicat= ion to function correctly. another case of this is shells which actively restrict the application to s= ome subset of available functionality http://plash.beasts.org/index.html#section1 i'm not sure about the following being unfamiliar with it, but it seems a likely candidate for this as well. https://github.com/trombonehero/capsh an unrecognised shell in this case could lead to increased authority of the inferior process, as the general effort here is to restrict processes to those file descriptors that the shell passes to it and remove the ability to obtain new file descriptors the shell has not blessed..