| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :references:in-reply-to:content-type:content-transfer-encoding; | |
| q=dns; s=default; b=ksKklLy+AqljMTFpSVFBEseM8IX3ruTZX274f8HXB2P | |
| V+ribuZeLX9LoukMcIQNO2BRmhP1KtgNG1LDg0mHqLCnkoND4cR8XtV5xcGikk9P | |
| UklQ1l2ciJCv5tsKasZwPBn7DBMtpJORvPS1kT/s3ZzkYwzl8pZ4cT6LZyiG2pSc | |
| = | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :references:in-reply-to:content-type:content-transfer-encoding; | |
| s=default; bh=acG7mJqCiTOHjxe+FYZQVTmF7ac=; b=N0Oihg00rVl++pBe7 | |
| XsGmnvZJxAxCPdqjtwOySqG/rYOfxBrwVgQdfqyJhqQM5mxbKwu+etDjn24gxpTz | |
| HOWo7X8IC+gmFjbJ+ewGVIf3beaTusG1j+XATuxcKRW/sH0383+OYu7PB5LE2JhJ | |
| aEbTam8kmNWseNRfAqLiPwUKHo= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-1.9 required=5.0 tests=AWL,BAYES_20,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD autolearn=ham version=3.3.2 |
| X-HELO: | mailout08.t-online.de |
| Message-ID: | <541378C4.6030705@t-online.de> |
| Date: | Sat, 13 Sep 2014 00:50:44 +0200 |
| From: | Christian Franke <Christian DOT Franke AT t-online DOT de> |
| User-Agent: | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26.1 |
| MIME-Version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Cannot exec() program outside of /bin if PATH is unset |
| References: | <5413271B DOT 1010109 AT t-online DOT de> <54134A83 DOT 80107 AT redhat DOT com> <54135451 DOT 3060902 AT t-online DOT de> <601154762 DOT 20140913012935 AT yandex DOT ru> |
| In-Reply-To: | <601154762.20140913012935@yandex.ru> |
| X-IsSubscribed: | yes |
Andrey Repin wrote: >> Hmm... is postfix actually broken? >> Unsetting PATH is IMO sane (from the POSIX POV) if all exec() calls use >> absolute path names. > If all exec() calls are made with full paths, unsetting $PATH does not improve > security in any way, Of course. But postfix could be configured to run "unknown" external programs through its various daemons. In this case, a fixed (here: empty) PATH improves security. If not convinced, please discuss with the author of postfix :-) > but leave underlying system in an inconsistent state. I don't see any added inconsistencies, please explain. > This is not limited to Cygwin1.dll, but to all other system DLL's that you > might need to load. No. The "system" (aka "Windows") DDLs are always found due to the built-in defaults which *precede* PATH: http://msdn.microsoft.com/en-us/library/windows/desktop/ms682586.aspx The Cygwin "system" DLLs may be not found if PATH is modified/unset, therefore I suggested to fix this by a SetDllDirectory() call. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |