This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
attached patch checks to see if the $PWD/.gdbinit file is world writable and if so, warn about this and refuse to load it idea being that since you can execute just about anything in it, you dont want random people inserting this in it of course, the usefulness of this is marginalized if .gdbinit is owned by a diff user and they just make it world readable but not world writable ... but i dont think a cwdbuf.st_uid == getuid() would be accepted ? -mike
Attachment:
pgp00000.pgp
Description: PGP signature
2007-03-04 Mike Frysinger <vapier@gentoo.org> * main.c: Check if .gdbinit is world writable. --- main.c 9 Jan 2007 21:34:29 -0000 1.62 +++ main.c 4 Mar 2007 22:59:00 -0000 @@ -763,7 +763,14 @@ extern int gdbtk_test (char *); || memcmp ((char *) &homebuf, (char *) &cwdbuf, sizeof (struct stat))) if (!inhibit_gdbinit) { - catch_command_errors (source_script, gdbinit, 0, RETURN_MASK_ALL); + if (cwdbuf.st_mode & S_IWOTH) + { + warning (_("Refusing to load world writable gdbinit `%s'.\n"), gdbinit); + } + else + { + catch_command_errors (source_script, gdbinit, 0, RETURN_MASK_ALL); + } } for (i = 0; i < ncmd; i++)
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |