Improve description of Cygwin ldd utility

Improve the description of Cygwin ldd utility to give a bit more detail about how it does what it does Also add a security warning (modelled after the one in the Linux manpage) that it may end up executing the file it is applied to. Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
2016-07-02 16:45:02 +01:00 · 2016-07-02 16:45:02 +01:00 · 53a831f063
commit 53a831f063
parent 5ff2fcf9bd
1 changed files with 13 additions and 3 deletions
--- a/winsup/doc/utils.xml
+++ b/winsup/doc/utils.xml
@ -755,10 +755,20 @@ ldd [OPTION]... FILE...

    <refsect1>
      <title>Description</title>
-    <para><command>ldd</command> prints the shared libraries (DLLs) an
-      executable or DLL is linked against. No modifying option is implemented
-      yet.</para>
+      <para><command>ldd</command> prints the shared libraries (DLLs) loaded
+      when running an executable or DLL.</para>
+
+    <refsect2>
+      <title>Security</title>
+      <para>
+	<command>ldd</command> invokes the Windows loader on the file specified,
+	then uses the Windows debugging interface to report DLLs loaded, and
+	(for executables) to attempt to stop execution before the entrypoint.
+	Thus, you should never use ldd on an untrusted file.
+      </para>
+    </refsect2>
    </refsect1>
+
  </refentry>

  <refentry id="locale">