From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from simark.ca by simark.ca with LMTP id 9vOrOkdISmVAkAAAWB0awg (envelope-from ) for ; Tue, 07 Nov 2023 09:23:03 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=simark.ca; s=mail; t=1699366983; bh=z1QZkctGTADhReR2g5+Q1xsM6Els5zY4wYbljak+fPo=; h=Date:Subject:To:References:From:In-Reply-To:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: From; b=eZtHYomhtVcAh31LHN6xepdBvWBgT1kZpQNInYd25bHZIYlzi11sVG4qkf5Tkrl43 V6o51K6nqkxsD/4x+e7nFPbWLSWK0lBCybTTC7y7XRqi9yMjyH44qWVRWCT8mscmzo w0oOurVgnXSvPqzsfZeK2o4d9TDClsNv/yAUkanU= Received: by simark.ca (Postfix, from userid 112) id E22B41E0C1; Tue, 7 Nov 2023 09:23:03 -0500 (EST) Authentication-Results: simark.ca; dkim=pass (1024-bit key; unprotected) header.d=simark.ca header.i=@simark.ca header.a=rsa-sha256 header.s=mail header.b=ww3cpCMT; dkim-atps=neutral Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by simark.ca (Postfix) with ESMTPS id ADE931E098 for ; Tue, 7 Nov 2023 09:23:01 -0500 (EST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 1FAC33857C66 for ; Tue, 7 Nov 2023 14:23:01 +0000 (GMT) Received: from simark.ca (simark.ca [158.69.221.121]) by sourceware.org (Postfix) with ESMTPS id 897053858D1E for ; Tue, 7 Nov 2023 14:22:49 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 897053858D1E Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=simark.ca Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=simark.ca ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 897053858D1E Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=158.69.221.121 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699366970; cv=none; b=se4wpm+DEA1xrI7ta8MzEnIvs7BLM1OJRFBCozczQRsJZUqITKwhlGkxB3iK35Nm/mHk2WGHpzW/MRMIMGYr/h3/T+v4Av96TDVdOBPF9We5qXt0BeK6Lg6Nez6tzkTLhME4PbDVF0t/scMgjE354iz5yMbcorCO/t9zdZJf2+w= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699366970; c=relaxed/simple; bh=z1QZkctGTADhReR2g5+Q1xsM6Els5zY4wYbljak+fPo=; h=DKIM-Signature:Message-ID:Date:MIME-Version:Subject:To:From; b=nQMp5UxELKHOshujbfaAgiFqWs+G1UHycv/1aZ2wYclm9dRGDfAyVcVSxrfmapJVOf2xnTTI4/0Th5WjG8+W4JloOdXL8p5Dt9yI4TQ9jVRjmk2rqDM37DkGyAqDGXniQITEPlzg+RQaY4IFEQmaC1BJjDevvGHG/53A7CO2niY= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=simark.ca; s=mail; t=1699366969; bh=z1QZkctGTADhReR2g5+Q1xsM6Els5zY4wYbljak+fPo=; h=Date:Subject:To:References:From:In-Reply-To:From; b=ww3cpCMTwd/BrXJCjdj5K7CraVolu+sDU2hGxqCiuSeGRS+GVmA3fupC8f6yct+bU rznluR8Mc/TXDoE8lfl1HHqP/Uvaw9mtvRzGFM+QdOIYhr+9855lYoka/TRtGpmaVF Ozr+bPp1sYhBh4k3By5fd7DiPS/uZR7SjdVq2UAQ= Received: from [172.16.0.192] (192-222-143-198.qc.cable.ebox.net [192.222.143.198]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by simark.ca (Postfix) with ESMTPSA id D98B41E098; Tue, 7 Nov 2023 09:22:48 -0500 (EST) Message-ID: Date: Tue, 7 Nov 2023 09:22:48 -0500 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [RFC] Adding a SECURITY policy for GDB To: Siddhesh Poyarekar , Andrew Burgess , gdb-patches@sourceware.org References: <877cmvui64.fsf@redhat.com> <201ad6f3-0e7d-4474-88bf-ba60568c8f2e@redhat.com> <3b87dddb-9781-46fd-91f3-72cad98f0510@simark.ca> <3b60a089-f570-4203-9cdd-bf0b3e47f7e1@redhat.com> Content-Language: fr From: Simon Marchi In-Reply-To: <3b60a089-f570-4203-9cdd-bf0b3e47f7e1@redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, SPF_HELO_PASS, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gdb-patches@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gdb-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: gdb-patches-bounces+public-inbox=simark.ca@sourceware.org On 11/7/23 07:17, Siddhesh Poyarekar wrote: > An example of such a CVE could be failure to respect umask[1]. I'm not sure how one would word that without risking OS bugs being reported against GDB. I'm inclined to think that it's not as much of a problem at the moment since we haven't historically gotten any reports in this area. Maybe if we start getting reports in this area we could tighten up this text? > > Thanks, > Sid > > [1] https://blog.rust-lang.org/2023/08/03/cve-2023-38497.html > Ah ok, with that example it makes sense. I was only thinking in terms of the user of GDB being the bad person, accessing someone else's data. Not someone else accessing the GDB user's data. Simon