* Re: Empty file without "x" permission is successfully executable on Cygwin
@ 2019-08-06 19:09 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-06 19:35 ` Ken Brown
2019-08-07 6:12 ` Houder
0 siblings, 2 replies; 17+ messages in thread
From: Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin @ 2019-08-06 19:09 UTC (permalink / raw)
To: 'cygwin@cygwin.com'
> zero-sized? Irrelevant.
It is actually very relevant. Because executing an empty script results in "success" (exit code 0) -- that creates a false-positive.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-06 19:09 Empty file without "x" permission is successfully executable on Cygwin Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
@ 2019-08-06 19:35 ` Ken Brown
2019-08-07 6:12 ` Houder
1 sibling, 0 replies; 17+ messages in thread
From: Ken Brown @ 2019-08-06 19:35 UTC (permalink / raw)
To: cygwin
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset="utf-8", Size: 1064 bytes --]
On 8/6/2019 3:09 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin wrote:
>> zero-sized? Irrelevant.
>
> It is actually very relevant. Because executing an empty script results in "success" (exit code 0) -- that creates a false-positive.
You were absolutely right on your first complaint, that Cygwin allows a script
without execute permission to be executed. Corinna has already fixed that:
https://cygwin.com/git/gitweb.cgi?p=newlib-cygwin.git;a=commit;h=98669a24760a84bfef498fedeef7fa7ecc518e6c
But what's your basis for saying that an empty script shouldn't be executable?
As long as it has execute permission, you're asking the shell to do nothing. It
happily does nothing and reports success.
It works that way on Linux also:
$ touch dummy
$ chmod +x dummy
$ ./dummy
$ echo $?
0
Ken
\x03BKCB\x1cØ\x19[H\x1c\^[Ü\x1cÎ\b\b\b\b\b\b\x1a\x1d\x1d\x1c\x0eËØÞYÝÚ[ÛÛKÜ\x1cØ\x19[\Ë\x1d^[[\x03BTN\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\x1a\x1d\x1d\x1c\x0eËØÞYÝÚ[ÛÛKÙ\KÃB^[ØÝ[Y[\x18]\x1a[Û\b\b\b\b\b\b\b\b\x1a\x1d\x1d\x1c\x0eËØÞYÝÚ[ÛÛKÙ^[ØÜË\x1d^[[\x03B[ÝXØÜXH\x1a[Î\b\b\b\b\b\x1a\x1d\x1d\x1c\x0eËØÞYÝÚ[ÛÛKÛ[\vÈÝ[ÝXØÜXK\Ú[\^[\x19CBB
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-06 19:09 Empty file without "x" permission is successfully executable on Cygwin Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-06 19:35 ` Ken Brown
@ 2019-08-07 6:12 ` Houder
2019-08-24 10:13 ` Houder
1 sibling, 1 reply; 17+ messages in thread
From: Houder @ 2019-08-07 6:12 UTC (permalink / raw)
To: cygwin
On Tue, 6 Aug 2019 19:09:04, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin" wrote:
> > zero-sized? Irrelevant.
>
> It is actually very relevant. Because executing an empty script results in=
> "success" (exit code 0) -- that creates a false-positive.
Good morning Anton,
Sorry for being brief (and not being clear!).
(and sorry for being late to the party :-)
What I meant, was: a regular file (empty or not), but w/o shebang and w/o the
execute bit, will be executed by Cygwin, contrary to what happens on Unix.
This behaviour (again: different from Unix) has existed for at least a decade.
That is why I wrote: Cygwin != Linux.
When I found out, years and years ago, I assumed that the deviation was due
to FAT filesystems (not being able to represent the x-bit).
Perhaps I was wrong. Perhaps the Cygwin maintainers merely goofed up long ago.
Henri
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-07 6:12 ` Houder
@ 2019-08-24 10:13 ` Houder
0 siblings, 0 replies; 17+ messages in thread
From: Houder @ 2019-08-24 10:13 UTC (permalink / raw)
To: cygwin
On Wed, 07 Aug 2019 08:12:28, Houder wrote:
> On Tue, 6 Aug 2019 19:09:04, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin" wrote:
> > > zero-sized? Irrelevant.
> >
> > It is actually very relevant. Because executing an empty script results in=
> > "success" (exit code 0) -- that creates a false-positive.
[snip]
> What I meant, was: a regular file (empty or not), but w/o shebang and w/o the
> execute bit, will be executed by Cygwin, contrary to what happens on Unix.
>
> This behaviour (again: different from Unix) has existed for at least a decade.
>
> That is why I wrote: Cygwin != Linux.
>
> When I found out, years and years ago, I assumed that the deviation was due
> to FAT filesystems (not being able to represent the x-bit).
>
> Perhaps I was wrong. Perhaps the Cygwin maintainers merely goofed up long ago.
And again I was wrong ...
- https://cygwin.com/ml/cygwin/2009-06/msg00721.html
( Re: Cygwin 1.7: Possible file permission errors in 'base-files' )
"I've put that on my TODO list."
- https://cygwin.com/ml/cygwin/2009-06/msg00727.html
( HEADSUP maintainers: Packages install scripts without execute permissions )
"I have the patch for this ready ..."
Now that the problem has been fixed by Corinna, she can remove it from her TODO
list :-P
Henri
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
@ 2019-08-06 22:28 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
0 siblings, 0 replies; 17+ messages in thread
From: Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin @ 2019-08-06 22:28 UTC (permalink / raw)
To: Vince Rice; +Cc: 'cygwin@cygwin.com'
> I did read the thread.
Really?
> which you confirmed after the fact.
Oh really? Then read again:
In my initial post that started the entire thread I wrote:
> On Unix, an empty file can only be executed (exit code 0) if there's the "x" permission granted.
So what's your deal, exactly?
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-06 21:17 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
@ 2019-08-06 21:43 ` Vince Rice
0 siblings, 0 replies; 17+ messages in thread
From: Vince Rice @ 2019-08-06 21:43 UTC (permalink / raw)
To: cygwin
> On Aug 6, 2019, at 4:16 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] wrote:
>
>> Which is why, as Ken said, the size is irrelevant.
>
> Which makes your comment irrelevant as well. Read the thread what I was responding and to whom before trolling.
I did read the thread. And Ken's comment was exactly correct, which you confirmed after the fact.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
@ 2019-08-06 21:17 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-06 21:43 ` Vince Rice
0 siblings, 1 reply; 17+ messages in thread
From: Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin @ 2019-08-06 21:17 UTC (permalink / raw)
To: Vince Rice; +Cc: cygwin
> Which is why, as Ken said, the size is irrelevant.
Which makes your comment irrelevant as well. Read the thread what I was responding and to whom before trolling.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-06 20:39 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
@ 2019-08-06 21:06 ` Vince Rice
0 siblings, 0 replies; 17+ messages in thread
From: Vince Rice @ 2019-08-06 21:06 UTC (permalink / raw)
To: cygwin
> On Aug 6, 2019, at 3:39 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via wrote:
>
>> But what's your basis for saying that an empty script shouldn't be executable?
>
> I meant it only in the context of the script file lacking the proper "x" permission.
> Of course an empty script _with_ such permissions allowed must be executable, and it will always complete with exit code 0.
Which is why, as Ken said, the size is irrelevant. What's relevant is that it shouldn't be executing
anything that doesn't have the executable bit set. Which is what Corinna fixed.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
@ 2019-08-06 20:39 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-06 21:06 ` Vince Rice
0 siblings, 1 reply; 17+ messages in thread
From: Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin @ 2019-08-06 20:39 UTC (permalink / raw)
To: Ken Brown; +Cc: 'cygwin@cygwin.com'
> But what's your basis for saying that an empty script shouldn't be executable?
I meant it only in the context of the script file lacking the proper "x" permission.
Of course an empty script _with_ such permissions allowed must be executable, and it will always complete with exit code 0.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-06 8:33 ` Corinna Vinschen
@ 2019-08-06 9:01 ` Corinna Vinschen
0 siblings, 0 replies; 17+ messages in thread
From: Corinna Vinschen @ 2019-08-06 9:01 UTC (permalink / raw)
To: cygwin
[-- Attachment #1: Type: text/plain, Size: 1712 bytes --]
On Aug 6 10:33, Corinna Vinschen wrote:
> On Aug 6 03:19, Ken Brown wrote:
> > >>> On 8/5/2019 2:18 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin wrote:
> > >>>> Hi,
> > >>>>
> > >>>> Please consider the following shell session:
> > >>>>
> > >>>> $ cat dummy.c
> > >>>> #include <stdio.h>
> > >>>>
> > >>>> int main()
> > >>>> {
> > >>>> return 0;
> > >>>> }
> > >>>> $ gcc -o dummy dummy.c
> > >>>> $ mv dummy.exe dummy
> > >>>> $ ./dummy
> > >>>> $ echo $?
> > >>>> 0
> > >>>> $ chmod a-x dummy
> > >>>> $ ./dummy
> > >>>> -bash: ./dummy: Permission denied
> > >>>> $ rm dummy
> > >>>> $ touch dummy
> > >>>> $ ./dummy
> > >>>> $ echo $?
> > >>>> 0
> > >>>> [...]
> > It look like what's happening is that bash calls execve(), which returns with
> > errno ENOEXEC instead of EACCES.
> >
> > I'll look at this more tomorrow unless someone beats me to it.
>
> Looks like the checks for this scenario are in the wrong order. In
> av::setup(), the first check is if the file is a valid executable and if
> so, exec returns ENOEXEC (unless called via exec[vl]p). Only if that
> fails, av::setup checks the executability of the file(*).
Sorry, this description makes no sense. Let me try again, here's
what av::setup does:
- Check if the file has been recognized as a she-bang script.
- If not, checks if we have been called from exec[vl]p.
- If not, return with ENOEXEC.
- If yes, prepend /bin/sh to the script name.
- Check if file is executable.
- If not, return with EACCES.
- Continue script handling.
> Ken, I'll propose a patch on cygwin-patches, please check.
Corinna
--
Corinna Vinschen
Cygwin Maintainer
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-06 3:19 ` Ken Brown
@ 2019-08-06 8:33 ` Corinna Vinschen
2019-08-06 9:01 ` Corinna Vinschen
0 siblings, 1 reply; 17+ messages in thread
From: Corinna Vinschen @ 2019-08-06 8:33 UTC (permalink / raw)
To: cygwin
[-- Attachment #1: Type: text/plain, Size: 2355 bytes --]
On Aug 6 03:19, Ken Brown wrote:
> On 8/5/2019 4:39 PM, Ken Brown wrote:
> > On 8/5/2019 4:19 PM, Thomas Wolff wrote:
> >>
> >> Am 05.08.2019 um 22:01 schrieb Ken Brown:
> >>> On 8/5/2019 2:18 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin wrote:
> >>>> Hi,
> >>>>
> >>>> Please consider the following shell session:
> >>>>
> >>>> $ cat dummy.c
> >>>> #include <stdio.h>
> >>>>
> >>>> int main()
> >>>> {
> >>>> return 0;
> >>>> }
> >>>> $ gcc -o dummy dummy.c
> >>>> $ mv dummy.exe dummy
> >>>> $ ./dummy
> >>>> $ echo $?
> >>>> 0
> >>>> $ chmod a-x dummy
> >>>> $ ./dummy
> >>>> -bash: ./dummy: Permission denied
> >>>> $ rm dummy
> >>>> $ touch dummy
> >>>> $ ./dummy
> >>>> $ echo $?
> >>>> 0
> >>>>
> >>>> So Cygwin lets the shell to execute a zero-sized file regardless of the "x" perm
> >>>> (non-empty files are not executable if they do not have "x", as shown above).
> >>> I can't reproduce this on my system. Can you show the permissions and ACL of
> >>> dummy?
> >>>
> >>>> There's more. If I put some rubbish in a file, Cygwin still tries to execute
> >>>> it even if the "x" is not there:
> >>>>
> >>>> $ rm dummy
> >>>> $ echo "1" > dummy
> >>>> $ ./dummy
> >>>> ./dummy: line 1: 1: command not found
> >>> Again I can't reproduce this.
> >> I reproduce the behaviour:
> >> > echo echo foo > bar
> >> > ls -l bar
> >> -rw-r--r-- 1 towo None 9 5. Aug 22:18 bar
> >> > ./bar
> >> foo
> >
> > You're right. I was careless in my test. Sorry for the noise.
>
> It look like what's happening is that bash calls execve(), which returns with
> errno ENOEXEC instead of EACCES.
>
> I'll look at this more tomorrow unless someone beats me to it.
Looks like the checks for this scenario are in the wrong order. In
av::setup(), the first check is if the file is a valid executable and if
so, exec returns ENOEXEC (unless called via exec[vl]p). Only if that
fails, av::setup checks the executability of the file(*).
Ken, I'll propose a patch on cygwin-patches, please check.
Thanks,
Corinna
(*) Note that the executability test only makes sense on filesystems
supporting execute bits. On FAT filesystems, no such check will take
place and Cygwin will not encounter EACCES scenarios.
--
Corinna Vinschen
Cygwin Maintainer
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-05 18:18 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-05 20:01 ` Ken Brown
@ 2019-08-06 6:22 ` Houder
1 sibling, 0 replies; 17+ messages in thread
From: Houder @ 2019-08-06 6:22 UTC (permalink / raw)
To: cygwin
On Mon, 5 Aug 2019 18:18:52, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin" wrote:
> Hi,
>
> Please consider the following shell session:
>
> $ cat dummy.c
> #include <stdio.h>
>
> int main()
> {
> return 0;
> }
> $ gcc -o dummy dummy.c
> $ mv dummy.exe dummy
> $ ./dummy
> $ echo $?
> 0
> $ chmod a-x dummy
> $ ./dummy
> -bash: ./dummy: Permission denied
> $ rm dummy
> $ touch dummy
> $ ./dummy
> $ echo $?
> 0
>
> So Cygwin lets the shell to execute a zero-sized file regardless of
> the "x" perm ...
zero-sized? Irrelevant.
[snip]
> Is that expected? On Unix, an empty file can only be executed (exit
> code 0) if there's the "x" permission granted.
Yes, Cygwin != Linux.
64-@@ echo date > dummy
64-@@ ls -l dummy
-rw-r--r-- 1 Henri None 5 Aug 6 08:01 dummy
64-@@ ./dummy
Tue Aug 6 08:01:19 CEST 2019
64-@@ dash
$ ./dummy
Tue Aug 6 08:01:38 CEST 2019 <==== (execution by /bin/sh)
$ mv /bin/sh /bin/OOS
$ ls -l /bin/sh.exe
ls: cannot access '/bin/sh.exe': No such file or directory
$ ./dummy
dash: 4: ./dummy: not found <==== attempted to execute "script" using /bin/sh
Also study:
https://stackoverflow.com/questions/7268437/bash-script-execution-with-and-without-shebang-in-linux-and-bsd
( Bash script execution with and without shebang in Linux and BSD )
and
http://www.faqs.org/faqs/unix-faq/faq/part3/section-16.html
Henri
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-05 20:39 ` Ken Brown
@ 2019-08-06 3:19 ` Ken Brown
2019-08-06 8:33 ` Corinna Vinschen
0 siblings, 1 reply; 17+ messages in thread
From: Ken Brown @ 2019-08-06 3:19 UTC (permalink / raw)
To: cygwin
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset="utf-8", Size: 1832 bytes --]
On 8/5/2019 4:39 PM, Ken Brown wrote:
> On 8/5/2019 4:19 PM, Thomas Wolff wrote:
>>
>> Am 05.08.2019 um 22:01 schrieb Ken Brown:
>>> On 8/5/2019 2:18 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin wrote:
>>>> Hi,
>>>>
>>>> Please consider the following shell session:
>>>>
>>>> $ cat dummy.c
>>>> #include <stdio.h>
>>>>
>>>> int main()
>>>> {
>>>> Â Â Â Â Â return 0;
>>>> }
>>>> $ gcc -o dummy dummy.c
>>>> $ mv dummy.exe dummy
>>>> $ ./dummy
>>>> $ echo $?
>>>> 0
>>>> $ chmod a-x dummy
>>>> $ ./dummy
>>>> -bash: ./dummy: Permission denied
>>>> $ rm dummy
>>>> $ touch dummy
>>>> $ ./dummy
>>>> $ echo $?
>>>> 0
>>>>
>>>> So Cygwin lets the shell to execute a zero-sized file regardless of the "x" perm
>>>> (non-empty files are not executable if they do not have "x", as shown above).
>>> I can't reproduce this on my system. Can you show the permissions and ACL of
>>> dummy?
>>>
>>>> There's more. If I put some rubbish in a file, Cygwin still tries to execute
>>>> it even if the "x" is not there:
>>>>
>>>> $ rm dummy
>>>> $ echo "1" > dummy
>>>> $ ./dummy
>>>> ./dummy: line 1: 1: command not found
>>> Again I can't reproduce this.
>> I reproduce the behaviour:
>> > echo echo foo > bar
>> > ls -l bar
>> -rw-r--r-- 1 towo None 9Â 5. Aug 22:18 bar
>> > ./bar
>> foo
>
> You're right. I was careless in my test. Sorry for the noise.
It look like what's happening is that bash calls execve(), which returns with
errno ENOEXEC instead of EACCES.
I'll look at this more tomorrow unless someone beats me to it.
Ken
\x03BKCB\x1cØ\x19[H\x1c\^[Ü\x1cÎ\b\b\b\b\b\b\x1a\x1d\x1d\x1c\x0eËØÞYÝÚ[ÛÛKÜ\x1cØ\x19[\Ë\x1d^[[\x03BTN\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\x1a\x1d\x1d\x1c\x0eËØÞYÝÚ[ÛÛKÙ\KÃB^[ØÝ[Y[\x18]\x1a[Û\b\b\b\b\b\b\b\b\x1a\x1d\x1d\x1c\x0eËØÞYÝÚ[ÛÛKÙ^[ØÜË\x1d^[[\x03B[ÝXØÜXH\x1a[Î\b\b\b\b\b\x1a\x1d\x1d\x1c\x0eËØÞYÝÚ[ÛÛKÛ[\vÈÝ[ÝXØÜXK\Ú[\^[\x19CBB
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-05 20:19 ` Thomas Wolff
@ 2019-08-05 20:39 ` Ken Brown
2019-08-06 3:19 ` Ken Brown
0 siblings, 1 reply; 17+ messages in thread
From: Ken Brown @ 2019-08-05 20:39 UTC (permalink / raw)
To: cygwin
On 8/5/2019 4:19 PM, Thomas Wolff wrote:
>
> Am 05.08.2019 um 22:01 schrieb Ken Brown:
>> On 8/5/2019 2:18 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin wrote:
>>> Hi,
>>>
>>> Please consider the following shell session:
>>>
>>> $ cat dummy.c
>>> #include <stdio.h>
>>>
>>> int main()
>>> {
>>> return 0;
>>> }
>>> $ gcc -o dummy dummy.c
>>> $ mv dummy.exe dummy
>>> $ ./dummy
>>> $ echo $?
>>> 0
>>> $ chmod a-x dummy
>>> $ ./dummy
>>> -bash: ./dummy: Permission denied
>>> $ rm dummy
>>> $ touch dummy
>>> $ ./dummy
>>> $ echo $?
>>> 0
>>>
>>> So Cygwin lets the shell to execute a zero-sized file regardless of the "x" perm
>>> (non-empty files are not executable if they do not have "x", as shown above).
>> I can't reproduce this on my system. Can you show the permissions and ACL of
>> dummy?
>>
>>> There's more. If I put some rubbish in a file, Cygwin still tries to execute
>>> it even if the "x" is not there:
>>>
>>> $ rm dummy
>>> $ echo "1" > dummy
>>> $ ./dummy
>>> ./dummy: line 1: 1: command not found
>> Again I can't reproduce this.
> I reproduce the behaviour:
> > echo echo foo > bar
> > ls -l bar
> -rw-r--r-- 1 towo None 9 5. Aug 22:18 bar
> > ./bar
> foo
You're right. I was careless in my test. Sorry for the noise.
Ken
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-05 20:01 ` Ken Brown
@ 2019-08-05 20:19 ` Thomas Wolff
2019-08-05 20:39 ` Ken Brown
0 siblings, 1 reply; 17+ messages in thread
From: Thomas Wolff @ 2019-08-05 20:19 UTC (permalink / raw)
To: cygwin
Am 05.08.2019 um 22:01 schrieb Ken Brown:
> On 8/5/2019 2:18 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin wrote:
>> Hi,
>>
>> Please consider the following shell session:
>>
>> $ cat dummy.c
>> #include <stdio.h>
>>
>> int main()
>> {
>> return 0;
>> }
>> $ gcc -o dummy dummy.c
>> $ mv dummy.exe dummy
>> $ ./dummy
>> $ echo $?
>> 0
>> $ chmod a-x dummy
>> $ ./dummy
>> -bash: ./dummy: Permission denied
>> $ rm dummy
>> $ touch dummy
>> $ ./dummy
>> $ echo $?
>> 0
>>
>> So Cygwin lets the shell to execute a zero-sized file regardless of the "x" perm
>> (non-empty files are not executable if they do not have "x", as shown above).
> I can't reproduce this on my system. Can you show the permissions and ACL of dummy?
>
>> There's more. If I put some rubbish in a file, Cygwin still tries to execute it even if the "x" is not there:
>>
>> $ rm dummy
>> $ echo "1" > dummy
>> $ ./dummy
>> ./dummy: line 1: 1: command not found
> Again I can't reproduce this.
I reproduce the behaviour:
> echo echo foo > bar
> ls -l bar
-rw-r--r-- 1 towo None 9Â 5. Aug 22:18 bar
> ./bar
foo
>
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: Empty file without "x" permission is successfully executable on Cygwin
2019-08-05 18:18 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
@ 2019-08-05 20:01 ` Ken Brown
2019-08-05 20:19 ` Thomas Wolff
2019-08-06 6:22 ` Houder
1 sibling, 1 reply; 17+ messages in thread
From: Ken Brown @ 2019-08-05 20:01 UTC (permalink / raw)
To: cygwin
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset="utf-8", Size: 1174 bytes --]
On 8/5/2019 2:18 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin wrote:
> Hi,
>
> Please consider the following shell session:
>
> $ cat dummy.c
> #include <stdio.h>
>
> int main()
> {
> return 0;
> }
> $ gcc -o dummy dummy.c
> $ mv dummy.exe dummy
> $ ./dummy
> $ echo $?
> 0
> $ chmod a-x dummy
> $ ./dummy
> -bash: ./dummy: Permission denied
> $ rm dummy
> $ touch dummy
> $ ./dummy
> $ echo $?
> 0
>
> So Cygwin lets the shell to execute a zero-sized file regardless of the "x" perm
> (non-empty files are not executable if they do not have "x", as shown above).
I can't reproduce this on my system. Can you show the permissions and ACL of dummy?
> There's more. If I put some rubbish in a file, Cygwin still tries to execute it even if the "x" is not there:
>
> $ rm dummy
> $ echo "1" > dummy
> $ ./dummy
> ./dummy: line 1: 1: command not found
Again I can't reproduce this.
Ken
\0ТÒÐÐ¥\a&ö&ÆVÒ\a&W\x06÷'G3¢\x02\x02\x02\x02\x02\x02\x06GG\x03¢òö7wvâæ6öÒ÷\a&ö&ÆV×2æFÖÀФd\x15\x13¢\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x06GG\x03¢òö7wvâæ6öÒöf\x17\x12ðФFö7VÖVçF\x17Föã¢\x02\x02\x02\x02\x02\x02\x02\x02\x06GG\x03¢òö7wvâæ6öÒöFö72æFÖÀÐ¥Vç7V'67&&R\x06æfó¢\x02\x02\x02\x02\x02\x06GG\x03¢òö7wvâæ6öÒöÖÂò7Vç7V'67&&R×6×\x06ÆPÐ Ð
^ permalink raw reply [flat|nested] 17+ messages in thread
* Empty file without "x" permission is successfully executable on Cygwin
@ 2019-08-05 18:18 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-05 20:01 ` Ken Brown
2019-08-06 6:22 ` Houder
0 siblings, 2 replies; 17+ messages in thread
From: Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin @ 2019-08-05 18:18 UTC (permalink / raw)
To: 'cygwin@cygwin.com'
Hi,
Please consider the following shell session:
$ cat dummy.c
#include <stdio.h>
int main()
{
return 0;
}
$ gcc -o dummy dummy.c
$ mv dummy.exe dummy
$ ./dummy
$ echo $?
0
$ chmod a-x dummy
$ ./dummy
-bash: ./dummy: Permission denied
$ rm dummy
$ touch dummy
$ ./dummy
$ echo $?
0
So Cygwin lets the shell to execute a zero-sized file regardless of the "x" perm
(non-empty files are not executable if they do not have "x", as shown above).
Is that expected? On Unix, an empty file can only be executed (exit code 0) if there's the "x" permission granted.
There's more. If I put some rubbish in a file, Cygwin still tries to execute it even if the "x" is not there:
$ rm dummy
$ echo "1" > dummy
$ ./dummy
./dummy: line 1: 1: command not found
So Cygwin knows about "dummy" being a PE32 executable missing the "x" (top of my session), and properly denies the execution
when there's no "x", but still lets all other file contents execute blindly (regardless of "x"). That's very dangerous!
Thanks,
Anton Lavrentiev
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 17+ messages in thread
end of thread, other threads:[~2019-08-24 5:54 UTC | newest]
Thread overview: 17+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-08-06 19:09 Empty file without "x" permission is successfully executable on Cygwin Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-06 19:35 ` Ken Brown
2019-08-07 6:12 ` Houder
2019-08-24 10:13 ` Houder
-- strict thread matches above, loose matches on Subject: below --
2019-08-06 22:28 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-06 21:17 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-06 21:43 ` Vince Rice
2019-08-06 20:39 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-06 21:06 ` Vince Rice
2019-08-05 18:18 Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin
2019-08-05 20:01 ` Ken Brown
2019-08-05 20:19 ` Thomas Wolff
2019-08-05 20:39 ` Ken Brown
2019-08-06 3:19 ` Ken Brown
2019-08-06 8:33 ` Corinna Vinschen
2019-08-06 9:01 ` Corinna Vinschen
2019-08-06 6:22 ` Houder
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).