This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [patch] auto-load safe-path reset back by set ""
- From: Doug Evans <dje at google dot com>
- To: Jan Kratochvil <jan dot kratochvil at redhat dot com>
- Cc: gdb-patches at sourceware dot org
- Date: Sun, 22 Apr 2012 14:26:16 -0700
- Subject: Re: [patch] auto-load safe-path reset back by set ""
- References: <20120422165128.GA21820@host2.jankratochvil.net>
On Sun, Apr 22, 2012 at 9:51 AM, Jan Kratochvil
<jan.kratochvil@redhat.com> wrote:
> Hi,
>
> from off-list discussion with Doug I have realized the current GDB practice
> is that "set var" will reset it to the factory defaults:
> ? ? ? ?(gdb) set libthread-db-search-path a
> ? ? ? ?(gdb) show libthread-db-search-path
> ? ? ? ?The current search path or libthread_db is "a".
> ? ? ? ?(gdb) set libthread-db-search-path
> ? ? ? ?(gdb) show libthread-db-search-path
> ? ? ? ?The current search path or libthread_db is "$sdir:$pdir".
>
> A similar behavior can be seen for the "directory" command.
>
> Doug's complaint was that "set auto-load safe-path" can be never reset back to
> the GDB compilation settings.
A thought occurred to me regarding the default value of auto-load-path
= ${prefix}.
For a typical value of /usr, it doesn't give as much protection as it could.
E.g. /usr/tmp, /usr/local/tmp (or possibly anything in /usr/local).
So I was wondering if we really want security to be on by default,
should the default value be gdb's data-directory (e.g.,
$prefix/share/gdb) + $exec_prefix/lib{,32,64} + ???
Plus, it seems like at least data-directory should be relocatable.
Implementing this might be cumbersome unless data-directory was
represented as something like "$ddir". Or maybe represent $prefix as
$pdir, etc.. There is precedent. Whether to apply that here - I'm
just raising the issue, I'm not sure myself.