| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=MI8JIWG63rKmDpxY6/MqZcMXkiveD0zrwg8XwaRog36Z9qolHk8Xl | |
| H6tHC5eNIBVJGPbjrEEFr3uzhWuK301Jn7bDXdJtVdbiYX6N0GsMkzrMXGtFvuRI | |
| hiflUOh/3RM3VsnImaQ5de8TWWr9fNhk6f67sq549xWEj+Y2eZXqqU= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=rIBdZb4AFB1Xukm1cdWaKLsGJDo=; b=Uh87wSpLlJHEG+MEmvWBA50yG0Iv | |
| V7P4nE8c0ftGiPE5AKSHV9E9yycws3Z3XDtMeoByIQDSOw1B7VYGgHTfQ7PWmIBc | |
| in46Nemtpzxm9Tz65SYraXQd6YCXRtjFnwQiW7u6V8q1GR8wwDVXFjLhiGDSL3s8 | |
| FAv3D8Je/bZCkl0= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Fri, 24 Oct 2014 22:45:36 +0200 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.1 |
| Message-ID: | <20141024204536.GQ20607@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <announce DOT 20141022092323 DOT GH32374 AT calimero DOT vinschen DOT de> <A0FD00D9-6DFB-4E3D-9FDE-44BC1CAAEEDC AT Denis-Excoffier DOT org> <20141024110209 DOT GJ20607 AT calimero DOT vinschen DOT de> <25D5C8B8-57B7-449C-95C6-CD9055816B6B AT Denis-Excoffier DOT org> <20141024193638 DOT GO20607 AT calimero DOT vinschen DOT de> <544AB396 DOT 5060300 AT t-online DOT de> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <544AB396.5060300@t-online.de> |
| User-Agent: | Mutt/1.5.23 (2014-03-12) |
--o41d8xLWOaLD8vYh
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Oct 24 22:16, Christian Franke wrote:
> Corinna Vinschen wrote:
> >[Christian, please chime in]
> >
> >On Oct 24 20:41, Denis Excoffier wrote:
> >>> From Cygwin's POV {/usr}/bin is a system dir. For security reasons it
> >>>makes sense that the system DLLs in /bin cannot be overridden, unless
> >>>it's an installation issue which should be covered by looking into the
> >>>application installation dir first.
> >>Instead of adding the lookup of /usr/bin before the PATH, you could add
> >>it afterwards?
> >No. You don't expect this kind of flexibility in the Win32 API, do you?
>=20
> [The *LIBPATH variables from MS OS/2 (1987) never made it to Win API :-]
>=20
>=20
> >The way it works is, there's a call SetDllDirectory which replaces the "=
."
> >in the DLL search path with the directory given as argument. The search
> >order is always this:
> >
> > application dir
> > dir given in SetDllDirecory (Cygwin's bin)
> > system dirs
> > $PATH
> >
> >>Or do you mean that my use is bad practice for security
> >>reasons? That there might be some unexpected DLL somewhere in the PATH?
> >>IIRC, in linux/solaris, LD_LIBRARY_PATH is not honored when you are roo=
t,
> >>not otherwise.
> >Not quite. LD_LIBRARY_PATH is only ignored if the excutable is a
> >suid/sgid executable. Unfortunately we don't have LD_LIBRARY_PATH at
> >all when running execve (but we have in dlopen).
> >
> >>>Having said that, moving your DLLs into the application dir is really
> >>>not an option?
> >>Oh yes, i use it all the time. It is the job of 'make install' to also
> >>install the appropriate DLLs. The point here is for 'make check'.
> >Yeah.
> >
> >Sigh.
> >
> >I don't like the idea either that this simple change breaks existing
> >scenarios. I'm inclined to revert this change.
> >
> >Christian, would you mind terribly to re-add the tweak to postfix
> >to set $PATH?
> >
>=20
> No problem.
Thanks, I'm relieved.
> Another possible solution:
> Check for e.g. CYGWIN_DLLPATH environment variable before calling
> SetDllDirectory().
>=20
> If unset or empty, call SetDllDirectory("X:\path_to_cygwin\bin");
> else if set to ".", do nothing.
> else call SetDllDirectory(CYGWIN_DLLPATH);
>=20
> The above 'make check' should then work again as 'CYGWIN_DLLPATH=3D. make
> check'.
Hmm. This requirement to set CYGWIN_DLLPATH would be far from obvious
for the user, though.
> Possible enhancement: If AddDllDirectory() is available (>=3D Win8), acce=
pt a
> real search path in CYGWIN_DLLPATH.
Per MSDN, AddDllDirectory only works for LoadLibrary{Ex}, and the DLL
search order when using SetDefaultDllDirectories looks entirely
different from the other default search orders(*).
Even if it works for CreateProcess as well, the probably worst problem
is that $PATH is not evaluated anymore.
OTOH, this might allow us to redefine the DLL search path in a way which
enables LD_LIBRARY_PATH handling for Cygwin, but a patch to use this
stuff would be pretty intrusive.
Thanks,
Corinna
(*) http://msdn.microsoft.com/en-us/library/windows/desktop/hh310515%28v=3D=
vs.85%29.aspx
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--o41d8xLWOaLD8vYh
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJUSrpwAAoJEPU2Bp2uRE+g8iEQAKKje5IAS122G8iz1+CCi33r
RL586N0i9uneTfi/B+AWd9ATlYNSRkMDOyReIWrAhA1Il4Zgjy12I7SPSqynQnm/
TVrK90b83wSuNnEBuam5EBFvslfH7/Dq4sEkPhwHxurh8SwBeYFHHjFEG9hZXGjs
94XsOXxczQVHTHuFR3YqkLP/WuFvJA5vHfBmPiapEDwG8Eo3yWRPZI8c1ROIRvkJ
lB5YQ4p8Ua5Z3kXtDRE36NULchxD1EvcOpEhsci2kb5o4YRkKnH25A46xTzH77G6
0WIPj/5qVPiBUVo21NRjMsTNFbb+3hXY3/OpoU8h2fIun9f2MfGJRgJugnDYaEI+
27BWMPnKn+fIrl2CmCV/d53fnxegj6coRomnCXEI12IoVNOKD3rH5DcJC9hASk4x
F9ResqSN6iSZVlDGz98A5braPFIqy+0si2lC6YncnN5yEvVvMlkAljbUnb4cZwYB
8SG/5cG8up5SbFMYmsywFH8Az4nwKHXNAffoPmLkTIHihTpyGOklzx7VL4bAXPbc
t5NUVJOajTYMSOIQXudcTK+5HoySbb7E7xzDhzTXztCN0xNFpj+sw6T9y7AYX3cN
w67z6ppJO+wyCkeYwqy24xWTabWkj483JD/0lz51FbEicYx8Xk0DzYLwz66BwUyo
AyYZ1N5NKJAa3qJZ7Tr7
=dbVC
-----END PGP SIGNATURE-----
--o41d8xLWOaLD8vYh--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |