| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:mime-version:in-reply-to:references:from:date | |
| :message-id:subject:to:content-type; q=dns; s=default; b=k0VJzc/ | |
| dPxPHbqf1cJb1z7n/kZJiyHV44geOA6YNC+Mk4UiViHH2SO7wnCKT8zAEo5EIPpK | |
| ycYfySYo47LK9Qvz9CKEz1qwC8hnMZ9W3CF3j2hMzMX170BMJ+YEpr9FYXVxfJQB | |
| z6x73orQ/UrQ/HqfwU6H8iB3O9XWcpX810H4= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:mime-version:in-reply-to:references:from:date | |
| :message-id:subject:to:content-type; s=default; bh=JY8pUCAAojovc | |
| sYVL0EyPx/ID9M=; b=xC/52TT2JyZ9zAZmzc+qne1AJuJtDj60zd9tXKxjiiLDo | |
| pNTmeMFqFHVPuxF84BVk1Qt49VsuyQGTM9ecPNCiF/rcWegCbmpXwFc3/4dBAcYP | |
| HlI5N1Uc2BWYBDSGxjPjZPSQLfUEMLFpfts0p1k3hR6KIPuumew8hn8K793Mak= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-0.3 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.2 |
| X-HELO: | mail-pa0-f53.google.com |
| X-Received: | by 10.70.25.132 with SMTP id c4mr15979105pdg.107.1410578486962; Fri, 12 Sep 2014 20:21:26 -0700 (PDT) |
| MIME-Version: | 1.0 |
| In-Reply-To: | <54137295.4070304@redhat.com> |
| References: | <5413271B DOT 1010109 AT t-online DOT de> <54134A83 DOT 80107 AT redhat DOT com> <54135451 DOT 3060902 AT t-online DOT de> <54137295 DOT 4070304 AT redhat DOT com> |
| From: | David Boyce <dsb AT boyski DOT com> |
| Date: | Fri, 12 Sep 2014 23:21:06 -0400 |
| Message-ID: | <CACUHbYPkcZ3t6wnrw_4hOEb3qWco33q1d9tDGfA7mYz3Qp982Q@mail.gmail.com> |
| Subject: | Re: Cannot exec() program outside of /bin if PATH is unset |
| To: | cygwin AT cygwin DOT com |
| X-IsSubscribed: | yes |
On Fri, Sep 12, 2014 at 6:24 PM, Eric Blake <eblake AT redhat DOT com> wrote:
> On 09/12/2014 02:15 PM, Christian Franke wrote:
>>>> unsetenv("PATH");
>>> This is undefined behavior, per POSIX. POSIX recommends that you always
>>> leave PATH defined to at least a bare minimum of the results of
>>> confstr(_CS_PATH, ...); it also states that implementations are free to
>>> do what they want (in this case, crash) if you don't follow the
>>> recommendation:
>>>
>>> http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html
>>> "If PATH is unset or is set to null, the path search is
>>> implementation-defined."
>>
>> There is no POSIX PATH search needed in my testcase:
>> execl("/usr/sbin/alternatives", ...)
>
> PATH may not be needed for execl() to find the binary it will be
> executing, but it IS required to be set in the environment to the bare
> minimum of confstr(_CS_PATH) for that binary to have a chance of
> executing in a well-defined setup.
Eric,
I think your interpretation is wrong. The line you quote from POSIX
refers to a "path search" but there is no path search happening here.
The concept of path search is implicitly defined by the first line in
your citation:
"PATH: This variable shall represent the sequence of path prefixes
that certain functions and utilities apply in searching for an
executable file known only by a filename."
Notice the way this sentence ends. The argument to execl() is a full
path, not "only a filename", thus no PATH search is involved. I agree
that unsetting PATH is not ideal practice but I think it's perfectly
well defined by POSIX.
David
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |