Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Date:	Thu, 10 Jan 2002 13:36:18 -0500
From:	Christopher Faylor <cgf AT redhat DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: ksh on cygwin
Message-ID:	<20020110183618.GD26493@redhat.com>
Reply-To:	cygwin AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
References:	<200201101413 DOT g0AEDJs22391 AT dymwsm15 DOT mailwatch DOT com> <20020110153741 DOT N12057 AT cygbert DOT vinschen DOT de>
Mime-Version:	1.0
In-Reply-To:	<20020110153741.N12057@cygbert.vinschen.de>
User-Agent:	Mutt/1.3.23.1i

On Thu, Jan 10, 2002 at 03:37:41PM +0100, Corinna Vinschen wrote:
>On Thu, Jan 10, 2002 at 09:13:01AM -0500, Fleischer, Karsten (K.) wrote:
>>Glenn found some test cases where mmap() failed and has also written a
>>nice test program.  I will get this to you later.  He also states that
>>the value returned by getpagesize() must conform to mmap() alignment by
>>definition in the SUSv2.  I'm not quite sure about that, though.
>
>See my reply to Robert.  It's just an example.  I don't have another
>reason at hand now but we already considered that change and we
>actually *had* reasons to avoid it.  Perhaps Chris can help out here.

Sorry, I don't remember the discussion.

>>>We have some vfork() changes in the meantime and even ash had an
>>>related error which should be fixed.
>>
>>Maybe we fixed the same error.  I'll send you the details.
>
>Please compare with the current CVS.  Vfork() isn't in my expertise.
>
>>>>- use the contents of $SHELL instead of /bin/sh for
>>>execvp()/execlp() and system() (with some additional checks, e.g.  do
>>>not use a csh, use only 'trusted' shells from /bin, /usr/bin,
>>>/usr/local/bin etc.).  This allows the user to select his favorite
>>>shell manually, so no more "copy /bin/bash to /bin/sh" troubles.  (This
>>>is also from UWIN).
>>>
>>>Hmm, interesting idea...
>>
>>OK, more detailed.  I allow only absolute pathes in $SHELL and don't
>>allow any *csh.  If superuser then only shells from [/usr][/local]/bin
>>are considered trusted shells.  If not superuser shells from other
>>directories are allowed, but if uid != euid or gid != egid the shell
>>and the directory where it resides must not be writable.  Fall back
>>value is /bin/sh.
>
>But, uhm, what exactly is a `superuser' from your point of view?  We
>don't have that concept except for SYSTEM as _the_ user which is able
>to change user context w/o changing security policies.  And on 9x/Me...

It sounds like all of this is pretty non-standard, AFAICT.  I can see
why you'd do something like this but I don't think there is any reason
to divert cygwin in this direction at this point in its life.  It's
a pretty major change.

cgf

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -