From: Eric Blake
Date: Thu, 09 Oct 2014 14:25:00 -0000
To: cygwin@cygwin.com
Subject: Re: Cannot exec() program outside of /bin if PATH is unset
Message-ID: <54369ADE.7060201@redhat.com>
In-Reply-To: <20141009100317.GI29235@calimero.vinschen.de>

On 10/09/2014 04:03 AM, Corinna Vinschen wrote:

> Ok. Or... hmm. The fact that using SetDllDirectory disallows searching
> the CWD got me thinking twice. Security-wise it would really be the
> right thing to do. Usually DLLs are in defined search paths:
>
> - Application dir
> - Application defined dirs
> - System dirs
>
> So, what scenario would actually break by removing CWD from the search
> path? Running tests in a libtoolized project dir, perhaps? Is that a
> valid concern or did libtool already take care of this?

Running a libtool project is probably unimpacted - libtool builds
in-tree dlls into a subdirectory, which is not usually the CWD.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
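
The search-order change discussed in this message, as an added example that is not part of the original e-mail or of Cygwin's code: a small Python model of the documented Windows DLL search order (safe DLL search mode) with and without SetDllDirectory. All paths and DLL names are constructed, and putting libtool's `.libs` directory on PATH is an assumption of this example, not something stated in the thread.

```python
# Added illustration: a model of the documented Windows DLL search order
# (safe DLL search mode). KnownDLLs and already-loaded modules are ignored.
from pathlib import PureWindowsPath as P

SYSTEM_DIRS = [P(r"C:\Windows\System32"), P(r"C:\Windows\System"), P(r"C:\Windows")]

def search_order(app_dir, cwd, path_dirs, dll_directory=None):
    """Directories probed, in order, for a bare DLL name.

    dll_directory=None -> SetDllDirectory never called: CWD follows the system dirs.
    dll_directory=""   -> SetDllDirectory(""): CWD is dropped from the order.
    dll_directory=dir  -> SetDllDirectory(dir): dir follows the application dir
                          and CWD is dropped.
    """
    order = [P(app_dir)]
    if dll_directory:
        order.append(P(dll_directory))
    order += SYSTEM_DIRS
    if dll_directory is None:
        order.append(P(cwd))
    return order + [P(d) for d in path_dirs]

def resolve(name, files, **kw):
    """Path of the first match in the search order, or None if nothing matches."""
    for d in search_order(**kw):
        if d / name in files:
            return str(d / name)
    return None

# Constructed sample file system; nothing on disk is read.
FILES = {
    P(r"C:\cygwin64\bin\cygfoo-1.dll"),           # intended copy, reachable via PATH
    P(r"C:\Users\me\Downloads\cygfoo-1.dll"),     # stray copy sitting in the CWD
    P(r"C:\build\proj\src\.libs\cygproj-0.dll"),  # libtool in-tree DLL (subdirectory)
}

def untrusted_cwd(dll_directory):
    # Program outside /bin started from a directory the user does not control.
    return resolve("cygfoo-1.dll", FILES, app_dir=r"C:\cygwin64\usr\local\bin",
                   cwd=r"C:\Users\me\Downloads", path_dirs=[r"C:\cygwin64\bin"],
                   dll_directory=dll_directory)

def libtool_test_run(dll_directory):
    # Test run from the build tree; the DLL lives in .libs, never in the CWD.
    return resolve("cygproj-0.dll", FILES, app_dir=r"C:\build\proj\tests\.libs",
                   cwd=r"C:\build\proj\tests", path_dirs=[r"C:\build\proj\src\.libs"],
                   dll_directory=dll_directory)
```

With the default order the copy in the CWD shadows the one on PATH; once the CWD is dropped the PATH copy is loaded, and the libtool-style run resolves identically in both cases.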