From: "Nathan J. Williams"
To: Daniel Jacobowitz
Cc: gdb-patches@sourceware.org
Subject: Re: RFC: Check permissions of .gdbinit files
Date: Mon, 30 May 2005 19:46:00 -0000
In-Reply-To: <20050530185201.GA29332@nevyn.them.org>

Daniel Jacobowitz writes:

> Gentoo recently published a security update for GDB, citing the fact that
> GDB would load .gdbinit from the current directory even if that was owned by
> another user.  I'm not sure how I feel about running GDB in an untrusted
> directory or on untrusted binaries and expecting it to behave sensibly, but
> this particular issue is easy to fix.  Here's my suggested fix; it's not the
> same as Gentoo's.  If .gdbinit is world writable or owned by a different
> user, refuse to open it (and warn the user).
>
> Anyone have opinions on this change?

I think the "owned by a different user" change is problematic. I've
used build systems that autogenerated .gdbinit files in the build
tree, and it would be entirely sensible for one developer to go and
debug another developer's build.

It does seem reasonable to refuse to execute a world-writable
.gdbinit.

        - Nathan