This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [PATCH] Make sure GDB uses a valid shell when starting the inferior and to perform the "shell" command
- From: Sergio Durigan Junior <sergiodj at redhat dot com>
- To: Eli Zaretskii <eliz at gnu dot org>
- Cc: simon dot marchi at ericsson dot com, gdb-patches at sourceware dot org
- Date: Sat, 25 Jul 2015 19:46:14 -0400
- Subject: Re: [PATCH] Make sure GDB uses a valid shell when starting the inferior and to perform the "shell" command
- Authentication-results: sourceware.org; auth=none
- References: <1437761993-18758-1-git-send-email-sergiodj at redhat dot com> <55B2850D dot 6030306 at ericsson dot com> <87k2tp5q3g dot fsf at redhat dot com> <838ua52wmp dot fsf at gnu dot org> <87fv4d5p8l dot fsf at redhat dot com> <837fpp2uz5 dot fsf at gnu dot org> <55B29B84 dot 5000707 at ericsson dot com> <8361583e6v dot fsf at gnu dot org> <87oaj042uz dot fsf at redhat dot com> <834mks196a dot fsf at gnu dot org> <87k2to41bj dot fsf at redhat dot com> <83380c16wo dot fsf at gnu dot org>
On Saturday, July 25 2015, Eli Zaretskii wrote:
>> From: Sergio Durigan Junior <sergiodj@redhat.com>
>> Cc: simon.marchi@ericsson.com, gdb-patches@sourceware.org
>> Date: Sat, 25 Jul 2015 13:03:12 -0400
>>
>> The new section says:
>>
>> @node Valid Shell
>> @subsection Valid Shell
>>
>> @value{GDBN} considers a @emph{valid shell} a file that:
>>
>> @enumerate
>> @item
>> Exists and can be executed by the user.
>>
>> @item
>> Is not the @file{/sbin/nologin} (or @file{/usr/sbin/nologin}) program.
>>
>> @item
>> Is not the @file{/bin/false} program.
>> @end enumerate
>>
>> If any of those conditions are not met, the specified shell is not
>> used by @value{GDBN}.
>>
>> I do not see any difference from what I said above, but if you think
>> this text can be improved, or that this text is not needed at all, then
>> by all means feel free to ask this.
>
> The use of "valid" seems to imply much broader goals. Your
> description seems to say that "pseudo-shells used to disable logins"
> is a better (though longer) terminology.
>
> Also, I suggest to say "such as the following", so as not to imply
> that this is necessarily an exhaustive list.
OK, I will make these changes and send a v3.
> Finally, is it really OK to lump here the "cannot be executed by the
> user" case? Maybe we should error out in that case.
I don't think we should error out in this case, since we can fallback to
/bin/sh and display a warning (which is what the patch does). Erroring
out seems too much for me.
--
Sergio
GPG key ID: 237A 54B1 0287 28BF 00EF 31F4 D0EB 7628 65FC 5E36
Please send encrypted e-mail if possible
http://sergiodj.net/