| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DMARC-Filter: | OpenDMARC Filter v1.4.1 sourceware.org B7A053858D28 |
| Authentication-Results: | sourceware.org; dmarc=none (p=none dis=none) |
| header.from=SystematicSw.ab.ca | |
| Authentication-Results: | sourceware.org; |
| spf=none smtp.mailfrom=systematicsw.ab.ca | |
| X-Authority-Analysis: | v=2.4 cv=Ov8sdwzt c=1 sm=1 tr=0 ts=616c5ba3 |
| a=T+ovY1NZ+FAi/xYICV7Bgg==:117 a=T+ovY1NZ+FAi/xYICV7Bgg==:17 | |
| a=IkcTkHD0fZMA:10 a=NvJIefd1AAAA:8 a=yMhMjlubAAAA:8 a=uYT-Tk0qkVT609LjNaIA:9 | |
| a=QEXdDO2ut3YA:10 a=ogbyGQH7ugUA:10 a=zGUkOKmOs2wA:10 | |
| a=Z11pERy037KCMjAKJWwP:22 | |
| To: | cygwin AT cygwin DOT com |
| From: | Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca> |
| Organization: | Systematic Software |
| Subject: | Windows October Update Patch Could Affect Symlinks |
| Message-ID: | <f0b67f08-611f-d198-258a-4deb28f86ac5@SystematicSw.ab.ca> |
| Date: | Sun, 17 Oct 2021 11:21:39 -0600 |
| User-Agent: | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 |
| Thunderbird/78.14.0 | |
| MIME-Version: | 1.0 |
| X-CMAE-Envelope: | MS4xfBt+afXLDn4gCX8eC9InPWzA/I5molwxI4HA/XVoD4m+gzcdgBXvau+Nf0Yq3Pz3dqEceUH7yUyzobBnia80p55fC3sVOuPqVKcPauJVcU57QYW7HSQS |
| 4KdFKXCDFIsG7VIKYLhkicKQzfJgW0MecJQ+X2DEF7FcrZnLsD3j36OgFrsKjm4HWHgNhQ2oRLBWpYRgVQTl6FBmLHFlqmcOdnQ= | |
| X-Spam-Status: | No, score=-1159.3 required=5.0 tests=BAYES_00, |
| INDUSTRIAL_SUBJECT, KAM_DMARC_STATUS, KAM_LAZY_DOMAIN_SECURITY, | |
| RCVD_IN_BARRACUDACENTRAL, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, | |
| RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, | |
| TXREP autolearn=no autolearn_force=no version=3.4.4 | |
| X-Spam-Checker-Version: | SpamAssassin 3.4.4 (2020-01-24) on |
| server2.sourceware.org | |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.29 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| Reply-To: | cygwin AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com> |
While checking Windows October update patches found a vague reference to
a new Windows update patch affecting symlinks in the article:
https://www.computerworld.com/article/3637013/four-zero-day-exploits-add-urgency-to-octobers-patch-tuesday.html
"On the topic of lesser-used Windows features, the Microsoft NTFS file
system was updated to include a fix for symbolic links (helpful with
UNIX migrations). If you are in the middle of a large UNIX migration,
you may want to pause things a little and test out some large (and
parallel) file transfers before deploying this update."
Could not find anything definite about this patch or its effects or
whether it will create any issues. So this is just a heads up about
potential issues implied by the article. If anyone can find the actual
patch and any docs documenting potential changes or issues that may help.
The article's links to overview and generic articles on NTFS and
symlinks did not help:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/create-symbolic-links#security-considerations
pointing to existing:
https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/fsutil-behavior
On my system, that shows:
Elevated > fsutil behavior set symlinkevaluation /? | grep -E "sym|link"
...
symlinkEvaluation {L2L|L2R|R2R|R2L}:{0|1} [...]
...
Sample SymlinkEvaluation command:
"fsutil behavior set symlinkEvaluation L2L:1 L2R:0"
- Will enable local to local symbolic links and disable local to
remote symbolic links. It will not change the state of remote to
remote links or remote to local links.
- This operation takes effect immediately (no reboot required)
...
Elevated > fsutil behavior query symlinkevaluation
Local to local symbolic links are enabled.
Local to remote symbolic links are enabled.
Remote to local symbolic links are disabled.
Remote to remote symbolic links are disabled.
...
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |