From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from simark.ca by simark.ca with LMTP id qEgwHT2QN2S4WioAWB0awg (envelope-from ) for ; Thu, 13 Apr 2023 01:16:45 -0400 Received: by simark.ca (Postfix, from userid 112) id 6B1B81E221; Thu, 13 Apr 2023 01:16:45 -0400 (EDT) Authentication-Results: simark.ca; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha256 header.s=default header.b=RgF0DPiK; dkim-atps=neutral X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on simark.ca X-Spam-Level: X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI, RDNS_DYNAMIC,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from sourceware.org (ip-8-43-85-97.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by simark.ca (Postfix) with ESMTPS id 010B91E0D3 for ; Thu, 13 Apr 2023 01:16:44 -0400 (EDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 2EF033857006 for ; Thu, 13 Apr 2023 05:16:44 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 2EF033857006 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1681363004; bh=LNniblOIa6dMp6Y4+O7YIkbhnWfikFnh35hmHLUcpj0=; h=Date:To:Cc:Subject:References:In-Reply-To:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: From:Reply-To:From; b=RgF0DPiKFKccqwwNYmCfRzahGTTPqBwPBm8za1heMzzgkUeRAO/2pRbyu+VXYp1Ot ueAgz7VaRmNPq+ENn9drOwkPA/NXPdhv2nk/FTw+iCnWY4NPXt80Sb/9nxXQrVgQ1D 5D608w0cEZVwVALGMpmMgoRg+wKPW0DNJMhDLRGg= Received: from mail-pl1-x62c.google.com (mail-pl1-x62c.google.com [IPv6:2607:f8b0:4864:20::62c]) by sourceware.org (Postfix) with ESMTPS id 88A053858D32; Thu, 13 Apr 2023 05:16:16 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 88A053858D32 Received: by mail-pl1-x62c.google.com with SMTP id i8so4884984plt.10; Wed, 12 Apr 2023 22:16:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681362974; x=1683954974; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=LNniblOIa6dMp6Y4+O7YIkbhnWfikFnh35hmHLUcpj0=; b=A3cXix+58c2RFnJnVf192wNvWe1qtayKApaglws1SL6s1ovrRzR7D0iJnF59Suw6oW 3ABuUhfmKFUGbaaqLYU3QI2Oaux8qyDtaZym31QesFqqPscu16E2R1TWBebArnOmHYt6 SH+jUqoteXopGDTvPSpLZSwFh3+vN+zflMTi8lwtZAvbO7rvq+5QgqLBprBahn2X03ql G4SIFc0xR1u0Tcyf08Ni56UsdkKOfs8XYtwUHs53mO+hdvrMZezuElpKc73kLDyUaBQK 0UUz7hYlDlGm/PMPH5GQDMTg5arvlyNLlmL23aoUzbsjrELQOMWqmApelh9DLoTwUgpd YrDQ== X-Gm-Message-State: AAQBX9dcx9WsdVIo64bWn1lduXcSoJXpgphxyqwoqF1PQvZF9RPuJ5Rn 1Mh0AAzCTEaxCc/nmxzSigE= X-Google-Smtp-Source: AKy350YUJNjiz41DZzxWweKapXPD5QqzU3LWU02QbokmkAqvM4sHNZbIo/x/PicOw4WwpnDw6e67cg== X-Received: by 2002:a17:90a:d351:b0:234:bf0:86b9 with SMTP id i17-20020a17090ad35100b002340bf086b9mr665726pjx.25.1681362974023; Wed, 12 Apr 2023 22:16:14 -0700 (PDT) Received: from squeak.grove.modra.org ([2406:3400:51d:8cc0:4d08:cebd:d73f:b794]) by smtp.gmail.com with ESMTPSA id 32-20020a17090a09a300b002405d3bbe42sm2386328pjo.0.2023.04.12.22.16.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 12 Apr 2023 22:16:13 -0700 (PDT) Received: by squeak.grove.modra.org (Postfix, from userid 1000) id 7D6351140A9E; Thu, 13 Apr 2023 14:46:10 +0930 (ACST) Date: Thu, 13 Apr 2023 14:46:10 +0930 To: Siddhesh Poyarekar Cc: Richard Earnshaw , Nick Clifton , Binutils , "gdb@sourceware.org" Subject: Re: RFC: Adding a SECURITY.md document to the Binutils Message-ID: References: <1c38b926-e003-0e21-e7f1-3d5dbec2aabf@redhat.com> <5b147005-bd28-4cf9-b9e7-479ef02cb1ad@foss.arm.com> <5d044987-39eb-a060-1b2b-9d07b1515e7d@gotplt.org> <73bc480a-a927-2773-8756-50350f76dfbf@gotplt.org> <7f76e17d-f9fc-92cb-0bc3-99cd155a1c00@gotplt.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <7f76e17d-f9fc-92cb-0bc3-99cd155a1c00@gotplt.org> X-BeenThere: gdb@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gdb mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Alan Modra via Gdb Reply-To: Alan Modra Errors-To: gdb-bounces+public-inbox=simark.ca@sourceware.org Sender: "Gdb" On Thu, Apr 13, 2023 at 12:25:45AM -0400, Siddhesh Poyarekar wrote: > On 2023-04-12 23:51, Alan Modra wrote: > > On Wed, Apr 12, 2023 at 01:10:01PM -0400, Siddhesh Poyarekar wrote: > > > OK, then how about this for the first paragraph: > > > > > > ~~~ > > > A security bug is one that threatens the security of a system or network. > > > In the context of GNU Binutils, there are two ways in which a bug could have > > > security consequences. The primary method is when the tools introduce a > > > vulnerability in the output file that was not present in the input files > > > being processed. The other, albeit unlikely way is when a bug in the tools > > > results in a privilege boundary is crossed in either the tools themselves or > > > in the code they generate. > > > ~~~ > > > > I don't see that talking about privilege boundaries is particularly > > relevant. Consider this: > > > > It is trivially easy to craft an object file that when examined with > > objdump will read your ssh private keys. That's not a bug, it's a > > feature of thin archives. > > > > Now all you need is some means of delivering those private keys, and > > I'm sure there are plenty of buffer overflows in libbfd waiting to be > > exploited, especially with --enable-targets=all. > > That's not a crossing of privilege boundaries; I know. Ah, I see. You were saying that only the very narrow case of a privilege escalation will be considered a "security bug". Fair enough I suppose, but that's close to the much simpler and more easily understood: "binutils makes no claim to being secure, ergo there are no security bugs". -- Alan Modra Australia Development Lab, IBM