This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [patch#2 4/6] set auto-load safe-path


> Date: Thu, 29 Mar 2012 11:14:04 +0200
> From: Jan Kratochvil <jan.kratochvil@redhat.com>
> 
> --- a/gdb/NEWS
> +++ b/gdb/NEWS
> @@ -149,6 +149,10 @@ set auto-load libthread-db on|off
>  show auto-load libthread-db
>    Control auto-loading of inferior specific thread debugging shared library.
>  
> +set auto-load safe-path <dir1>[:<dir2>...]
> +show auto-load safe-path
> +  Set a list of directories from which it is safe to auto-load files.

OK, but perhaps say that a semi-colon is to be used on MS-Windows and
MS-DOS systems.

> +  fprintf_filtered (file,
> +		    _("Directory list safe to hold auto-loaded files is %s.\n"),

Suggest to reword

  List of directories from which it is safe to auto-load files is %s.

> +safe-path:  Directory list safe to hold auto-loaded files is /usr/local.

If you accept the above rewording, this needs to be modified
accordingly.

> +If the path is not set properly you will see a warning and the file does not
> +get loaded:                                                         ^^^^^^^^
   ^^^^^^^^^^
"will not get loaded", for consistency with "will see a warning".

> +The list of trusted directories is controlled by commands:
                                   ^^^^^^^^^^^^^^^^^^^^^^^^^
"... is controlled by the following commands:"

> +loading and execution of scripts.  The list of directories uses directory
> +separator as its delimiter.  You can also enter a specific trusted file.

I would suggest to name the separator character explicitly:

  The list of directories uses directory separator (@samp{:} on GNU
  and Unix systems, @samp{;} on MS-Windows and MS-DOS) to separate
  directories, similarly to the @env{PATH} environment variable.

> +@item show auto-load safe-path
> +Show the list of directories (and their subdirectories) trusted for automatic
> +loading and execution of scripts.

Does the command really show the subdirectories?  If not, I think you
meant to say that having a directory in the list makes all of its
subdirectories safe as well; if so, you should say this where you
describe the "set" command.

> +See also deprecated @ref{Current Directory Init File during Startup}.

Again, HTML-style references don't work well.  Use @pxref instead, as
I showed in my other message.

> +There are multiple ways to get the files declined in the example above loaded:

Suggest to rephrase:

  To force @value{GDBN} to load the files it declined to load in the
  previous example, you could use one of the following ways:

> +@item gdb -iex "set auto-load safe-path /usr:/bin:~/src/gdb" [...]

Please use @dots{} instead of literal periods, the former looks better
in print.

> +@item gdb -iex "set auto-load safe-path" [...]

Likewise.

Also, since the last two items are keyboard commands, it is better to
put them in @kbd.

> +@item ./configure --without-auto-load-safe-path

Here too.  And in this following snippet:

> +@itemize @bullet
> +@item gdb -iex "set auto-load no" [...]
> +You can use @value{GDBN} command-line option for a single @value{GDBN} session.
> +
> +@item ~/.gdbinit: set auto-load no
> +Disable auto-loading globally for the user
> +(@pxref{Home Directory Init File}).  While it is improbable you could also
                                                              ^
Comma is missing here.

> +Be aware even downloaded source packages may contain exploit code which may get
> +executed by @value{GDBN} without explicitly running any program therein.

I'm not sure this text belongs to the GDB manual.  General-purpose
security considerations are not the subject of this manual.

In any case, "be aware that ...".

> +This setting should contain so called canonical filenames, after any symbolic
> +links, current and parent directories have been resolved.

That's a nuisance for users, isn't it?  Suppose the sysadmin
reconfigures the system so that my home directory is moved to another
filesystem -- all my safe directories will stop working at that very
instant, right?  Where's the principle of the least astonishment?

>                                                              Both the
> +@samp{auto-load safe-path} setting and the scripts being verified are
> +canonicalized first for their matching.

"... are canonicalized before they are compared".

OK with those changes.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]