This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
In that discussion, Andreas suggested to avoid the warning if the user belongs to the same group as the file's owner. I don't see your patch addressing that part. Why not?
I realize that it would be inappropriate to ask you to do that as a prerequisite for accepting the patch, but maybe a TODO comment should be placed there about the Windows case. Then someone else could do that at some point.
I would suggest to spell out why it is untrusted. Otherwise the warning sounds grave, but doesn't give enough information to make the decision.
+ if (!query (_("Read file anyway? ")))
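Review bot: The `query` call in `if (!query (_("Read file anyway? ")))` fails open when nobody is present to answer. The reply below notes that it can be answered YES automatically, and in that case a file that has just failed the security check is read without anyone having agreed to it. Suggest making the unattended outcome "do not read", and putting the file name into the prompt text so the user can tell which file the question refers to.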
This could be automatically answered YES in some situations. Do we care?
+If @file{.gdbinit} is untrusted (it is not owned by the current user +or the file is world-writable), @value{GDBN} will warn the user and ask
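Review bot: The parenthetical in this sentence defines untrusted as "not owned by the current user" or "world-writable", so a .gdbinit owned by the user but writable by its group counts as trusted even though other group members can change it. If that is intended, the manual should say so explicitly; otherwise suggest covering group-writable files in both the check and this sentence.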
This should be qualified by "on some platforms", because not every platform that supports file ownership will issue this warning.
And a minor stylistic issue. You say "it is not owned" and then "the file is world-writable". This is inconsistent, and could confuse the reader into thinking that "it" and "the file" are two different things. Suggest to rephrase:
If @file{.gdbinit} is @dfn{untrusted} (either not owned by the current user or world-writable), ...
ChangeLog
2010-11-23  Keith Seitz  <keiths@redhat.com>

From Daniel Jacobowitz <dan@codesourcery.com> and Jeff Johnston <jjohnstn@redhat.com>:
* cli/cli-cmds.h (find_and_open_script): Add from_tty argument.
* cli/cli-cmds.c (find_and_open_script): Likewise. When from_tty is -1, perform a security check of the file. If it fails, warn the user and ask whether he wants to read the file anyway.
(source_script_with_search): Update call to find_and_open_script. Only print an error if from_tty is greater than zero.
* main.c (captured_main): Pass from_tty = -1 when sourcing gdbinit files.
* python/py-auto-load.c (source_section_scripts): Update call to find_and_open_script.

doc/ChangeLog
2010-11-23  Keith Seitz  <keiths@redhat.com>

* gdb.texinfo (Startup): Document security handling of .gdbinit files.
Attachment:
gdbinit-security-2.patch
Description: Text document