From: Andrey Repin <anrdaemon@yandex.ru>
To: Christian Franke <Christian.Franke@t-online.de>, cygwin@cygwin.com
Subject: Re: Cannot exec() program outside of /bin if PATH is unset
Date: Fri, 12 Sep 2014 21:56:00 -0000 [thread overview]
Message-ID: <601154762.20140913012935@yandex.ru> (raw)
In-Reply-To: <54135451.3060902@t-online.de>
Greetings, Christian Franke!
>>> Enabling the SetDllDirectory() Win32 call fixes the problem.
>>> Would possibly make sense to add this call to cygwin1.dll.
>> That said, just because POSIX has already given us the
>> get-out-of-jail-free card doesn't mean that we can't be nice and improve
>> cygwin1.dll to try and help broken programs that unset PATH.
> Hmm... is postfix actually broken?
> Unsetting PATH is IMO sane (from the POSIX POV) if all exec() calls use
> absolute path names.
If all exec() calls are made with full paths, unsetting $PATH does not improve
security in any way, but leave underlying system in an inconsistent state. As
you've witnessed yourself.
This is not limited to Cygwin1.dll, but to all other system DLL's that you
might need to load.
--
WBR,
Andrey Repin (anrdaemon@yandex.ru) 13.09.2014, <1:27>
Sorry for my terrible english...
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2014-09-12 21:35 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-12 18:02 Christian Franke
2014-09-12 19:39 ` Eric Blake
2014-09-12 21:14 ` Christian Franke
2014-09-12 21:56 ` Andrey Repin [this message]
2014-09-12 23:04 ` Christian Franke
2014-09-12 23:06 ` Eric Blake
2014-09-12 23:13 ` Eric Blake
2014-09-13 16:17 ` Christian Franke
2014-09-15 7:47 ` Peter Rosin
2014-09-15 9:28 ` Peter Rosin
2014-09-15 17:16 ` Christian Franke
2014-10-08 13:41 ` Corinna Vinschen
2014-10-08 17:16 ` Christian Franke
2014-10-09 10:03 ` Corinna Vinschen
2014-10-09 14:25 ` Eric Blake
2014-10-09 16:29 ` Corinna Vinschen
2014-10-09 16:34 ` tednolan
2014-10-10 10:34 ` Corinna Vinschen
2014-10-10 11:24 ` Jan Nijtmans
2014-10-10 11:32 ` Arjen Markus
2014-10-10 12:10 ` tednolan
2014-10-10 12:13 ` Arjen Markus
2014-10-10 15:39 ` Corinna Vinschen
2014-10-14 19:30 ` Corinna Vinschen
2014-10-16 21:51 ` Christian Franke
2014-10-17 9:10 ` Corinna Vinschen
2014-10-17 14:51 ` Corinna Vinschen
2014-10-17 17:56 ` Christian Franke
2014-10-17 18:20 ` Corinna Vinschen
2014-10-17 20:36 ` Csaba Raduly
2014-09-12 22:50 ` Eric Blake
2014-09-13 5:24 ` David Boyce
2014-09-14 9:40 ` Csaba Raduly
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=601154762.20140913012935@yandex.ru \
--to=anrdaemon@yandex.ru \
--cc=Christian.Franke@t-online.de \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).