From: "Philippe Mathieu-Daudé" <philmd@linaro.org>
To: "Alex Bennée" <alex.bennee@linaro.org>, qemu-devel@nongnu.org
Cc: "Wainer dos Santos Moschetta" <wainersm@redhat.com>,
"Juan Quintela" <quintela@redhat.com>,
"Thomas Huth" <thuth@redhat.com>,
"Cleber Rosa" <crosa@redhat.com>,
"Leonardo Bras" <leobras@redhat.com>,
"Beraldo Leal" <bleal@redhat.com>,
"Peter Maydell" <peter.maydell@linaro.org>,
"Bin Meng" <bmeng.cn@gmail.com>,
"Yanan Wang" <wangyanan55@huawei.com>,
"Darren Kenny" <darren.kenny@oracle.com>,
"Alexander Bulekov" <alxndr@bu.edu>,
"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
"Peter Xu" <peterx@redhat.com>,
"Radoslaw Biernacki" <rad@semihalf.com>,
"Laurent Vivier" <laurent@vivier.eu>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Eduardo Habkost" <eduardo@habkost.net>,
qemu-arm@nongnu.org, "Stefan Hajnoczi" <stefanha@redhat.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Bandan Das" <bsd@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Alexandre Iooss" <erdnaxe@crans.org>,
"Marcin Juszkiewicz" <marcin.juszkiewicz@linaro.org>,
"Leif Lindholm" <quic_llindhol@quicinc.com>,
"Laurent Vivier" <lvivier@redhat.com>,
"Qiuhao Li" <Qiuhao.Li@outlook.com>,
"Mahmoud Mandour" <ma.mandourr@gmail.com>,
"Riku Voipio" <riku.voipio@iki.fi>,
"Ilya Leoshkevich" <iii@linux.ibm.com>
Subject: Re: [PATCH v3 35/36] docs: Document security implications of debugging
Date: Tue, 27 Jun 2023 23:00:50 +0200 [thread overview]
Message-ID: <db947a1b-dab5-e8df-98ee-f794d4f377ce@linaro.org> (raw)
In-Reply-To: <20230627160943.2956928-36-alex.bennee@linaro.org>
On 27/6/23 18:09, Alex Bennée wrote:
> From: Ilya Leoshkevich <iii@linux.ibm.com>
>
> Now that the GDB stub explicitly implements reading host files (note
> that it was already possible by changing the emulated code to open and
> read those files), concerns may arise that it undermines security.
>
> Document the status quo, which is that the users are already
> responsible for securing the GDB connection themselves.
>
> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
> Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
> Message-Id: <20230621203627.1808446-8-iii@linux.ibm.com>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
> ---
> docs/system/gdb.rst | 15 +++++++++++++++
> 1 file changed, 15 insertions(+)
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
next prev parent reply other threads:[~2023-06-27 21:01 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-27 16:09 [PATCH v3 00/36] maintainer omnibus: testing, fuzz, plugins, documentation, gdbstub (pre-PR) Alex Bennée
2023-06-27 16:09 ` [PATCH v3 01/36] gitlab: explicit set artifacts publishing criteria Alex Bennée
2023-06-27 16:09 ` [PATCH v3 02/36] gitlab: ensure coverage job also publishes meson log Alex Bennée
2023-06-27 16:09 ` [PATCH v3 03/36] gitlab: reduce testing scope of check-gcov Alex Bennée
2023-06-27 21:08 ` Philippe Mathieu-Daudé
2023-06-27 16:09 ` [PATCH v3 04/36] docs/devel: remind developers to run CI container pipeline when updating images Alex Bennée
2023-06-29 13:42 ` Philippe Mathieu-Daudé
2023-06-27 16:09 ` [PATCH v3 05/36] tests/tcg: add mechanism to handle plugin arguments Alex Bennée
2023-06-27 16:09 ` [PATCH v3 06/36] qemu-keymap: properly check return from xkb_keymap_mod_get_index Alex Bennée
2023-06-27 16:09 ` [PATCH v3 07/36] scripts/oss-fuzz: add a suppression for keymap Alex Bennée
2023-06-27 16:09 ` [PATCH v3 08/36] tests/qtests: clean-up and fix leak in generic_fuzz Alex Bennée
2023-06-27 21:07 ` Philippe Mathieu-Daudé
2023-06-27 16:09 ` [PATCH v3 09/36] tests/docker: add test-fuzz Alex Bennée
2023-06-27 16:09 ` [PATCH v3 10/36] Makefile: add lcitool-refresh to UNCHECKED_GOALS Alex Bennée
2023-06-27 16:09 ` [PATCH v3 11/36] tests/lcitool: update to latest version Alex Bennée
2023-06-27 16:09 ` [PATCH v3 12/36] tests/lcitool: Bump fedora container versions Alex Bennée
2023-06-27 21:06 ` Philippe Mathieu-Daudé
2023-06-27 16:09 ` [PATCH v3 13/36] tests/lcitool: add an explicit gcc-native package Alex Bennée
2023-06-27 16:09 ` [PATCH v3 14/36] tests/lcitool: introduce qemu-minimal Alex Bennée
2023-06-27 16:09 ` [PATCH v3 15/36] tests/docker: convert riscv64-cross to lcitool Alex Bennée
2023-06-28 8:38 ` Richard Henderson
2023-06-29 13:47 ` Alex Bennée
2023-06-27 16:09 ` [PATCH v3 16/36] tests/avocado: update firmware to enable sbsa-ref/max Alex Bennée
2023-06-27 21:06 ` Philippe Mathieu-Daudé
2023-06-27 16:09 ` [PATCH v3 17/36] plugins: force slow path when plugins instrument memory ops Alex Bennée
2023-06-28 8:40 ` Richard Henderson
2023-06-28 9:06 ` Alex Bennée
2023-06-28 9:20 ` Richard Henderson
2023-06-29 11:59 ` Alex Bennée
2023-06-27 16:09 ` [PATCH v3 18/36] plugins: fix memory leak while parsing options Alex Bennée
2023-06-27 16:09 ` [PATCH v3 19/36] plugins: update lockstep to use g_memdup2 Alex Bennée
2023-06-27 21:05 ` Philippe Mathieu-Daudé
2023-11-13 11:03 ` Philippe Mathieu-Daudé
2023-06-27 16:09 ` [PATCH v3 20/36] docs/devel: add some front matter to the devel index Alex Bennée
2023-06-29 13:31 ` Philippe Mathieu-Daudé
2023-06-27 16:09 ` [PATCH v3 21/36] include/migration: mark vmstate_register() as a legacy function Alex Bennée
2023-06-27 16:09 ` [PATCH v3 22/36] include/hw/qdev-core: fixup kerneldoc annotations Alex Bennée
2023-06-29 13:34 ` Philippe Mathieu-Daudé
2023-06-27 16:09 ` [PATCH v3 23/36] docs/devel/qom.rst: Correct code style Alex Bennée
2023-06-27 16:09 ` [PATCH v3 24/36] docs/devel: split qom-api reference into new file Alex Bennée
2023-06-27 16:09 ` [PATCH v3 25/36] docs/devel: introduce some key concepts for QOM development Alex Bennée
2023-06-29 13:41 ` Philippe Mathieu-Daudé
2023-06-30 8:03 ` Alex Bennée
2023-06-30 8:57 ` Paolo Bonzini
2023-06-27 16:09 ` [PATCH v3 26/36] gdbstub: lightly refactor connection to avoid snprintf Alex Bennée
2023-06-27 16:09 ` [PATCH v3 27/36] gdbstub: Permit reverse step/break to provide stop response Alex Bennée
2023-06-27 16:09 ` [PATCH v3 28/36] gdbstub: clean-up vcont handling to avoid goto Alex Bennée
2023-06-28 8:42 ` Richard Henderson
2023-06-27 16:09 ` [PATCH v3 29/36] linux-user: Expose do_guest_openat() and do_guest_readlink() Alex Bennée
2023-06-27 16:09 ` [PATCH v3 30/36] linux-user: Add "safe" parameter to do_guest_openat() Alex Bennée
2023-06-27 16:09 ` [PATCH v3 31/36] linux-user: Emulate /proc/self/smaps Alex Bennée
2023-06-27 16:09 ` [PATCH v3 32/36] gdbstub: Expose gdb_get_process() and gdb_get_first_cpu_in_process() Alex Bennée
2023-06-27 20:59 ` Philippe Mathieu-Daudé
2023-06-27 16:09 ` [PATCH v3 33/36] gdbstub: Report the actual qemu-user pid Alex Bennée
2023-06-27 16:09 ` [PATCH v3 34/36] gdbstub: Add support for info proc mappings Alex Bennée
2023-06-27 16:09 ` [PATCH v3 35/36] docs: Document security implications of debugging Alex Bennée
2023-06-27 21:00 ` Philippe Mathieu-Daudé [this message]
2023-06-27 16:09 ` [PATCH v3 36/36] tests/tcg: Add a test for info proc mappings Alex Bennée
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=db947a1b-dab5-e8df-98ee-f794d4f377ce@linaro.org \
--to=philmd@linaro.org \
--cc=Qiuhao.Li@outlook.com \
--cc=alex.bennee@linaro.org \
--cc=alxndr@bu.edu \
--cc=berrange@redhat.com \
--cc=bleal@redhat.com \
--cc=bmeng.cn@gmail.com \
--cc=bsd@redhat.com \
--cc=crosa@redhat.com \
--cc=darren.kenny@oracle.com \
--cc=eduardo@habkost.net \
--cc=erdnaxe@crans.org \
--cc=iii@linux.ibm.com \
--cc=laurent@vivier.eu \
--cc=leobras@redhat.com \
--cc=lvivier@redhat.com \
--cc=ma.mandourr@gmail.com \
--cc=marcel.apfelbaum@gmail.com \
--cc=marcin.juszkiewicz@linaro.org \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=peterx@redhat.com \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=quic_llindhol@quicinc.com \
--cc=quintela@redhat.com \
--cc=rad@semihalf.com \
--cc=richard.henderson@linaro.org \
--cc=riku.voipio@iki.fi \
--cc=stefanha@redhat.com \
--cc=thuth@redhat.com \
--cc=wainersm@redhat.com \
--cc=wangyanan55@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).