gdb: multiple vulnerabilities
Posted Nov 3, 2005 14:27 UTC (Thu) by jzbiciak
(✭ supporter ✭
In reply to: gdb: multiple vulnerabilities
Parent article: gdb: multiple vulnerabilities
Well, suppose I leave a malicious .gdbinit in /tmp and one of your daemons happened to dump core in /tmp. So, you fire up GDB and get p3wned. Not exactly a good state to be in.
It seems like the shared working area and symlink problems could be solved by sourcing a trusted file in the user's home directory, and placing within that file any customizations on the default security policy.
to post comments)