| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DMARC-Filter: | OpenDMARC Filter v1.4.1 sourceware.org 7AE473858007 |
| Authentication-Results: | sourceware.org; |
| dmarc=pass (p=none dis=none) header.from=yandex.ru | |
| Authentication-Results: | sourceware.org; spf=pass smtp.mailfrom=yandex.ru |
| DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; |
| t=1634713500; bh=hxnlryKjAM/+lSi665aBT1I2tMBZmXrFiHVRpPan6oY=; | |
| h=In-Reply-To:Subject:From:Message-ID:References:Date:Reply-To:To; | |
| b=icy+sL/0T//ZI4vIIDPdpt36dFzvv8PCrud1pafbDBKLJl3Kq9Mq2u4cLRcS2PZGx | |
| cS/A2tjI0uzpZmvaZ6p/Y7Iai2b8rANAqgL7YreVaxtIwX4O2NGGitaR9r7HyBz4oN | |
| P4tXBPzXfeJk6LrxJdbYGNDfccGcoTmPDggC9geQ= | |
| Authentication-Results: | iva7-79032ba5307a.qloud-c.yandex.net; |
| dkim=pass header.i=@yandex.ru | |
| X-Yandex-Fwd: | 2 |
| Date: | Wed, 20 Oct 2021 09:55:40 +0300 |
| From: | Andrey Repin <anrdaemon AT yandex DOT ru> |
| X-Mailer: | The Bat! (v6.8.8) Home |
| X-Priority: | 3 (Normal) |
| Message-ID: | <10610219801.20211020095540@yandex.ru> |
| To: | Brian Inglis <cygwin AT cygwin DOT com>, cygwin AT cygwin DOT com |
| Subject: | Re: Windows October Update Patch Could Affect Symlinks |
| In-Reply-To: | <f0b67f08-611f-d198-258a-4deb28f86ac5@SystematicSw.ab.ca> |
| References: | <f0b67f08-611f-d198-258a-4deb28f86ac5 AT SystematicSw DOT ab DOT ca> |
| MIME-Version: | 1.0 |
| X-Spam-Status: | No, score=-0.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, |
| DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, INDUSTRIAL_SUBJECT, | |
| KAM_THEBAT, NICE_REPLY_A, SPF_HELO_NONE, SPF_PASS, | |
| TXREP autolearn=no autolearn_force=no version=3.4.4 | |
| X-Spam-Checker-Version: | SpamAssassin 3.4.4 (2020-01-24) on |
| server2.sourceware.org | |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.29 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Unsubscribe: | <https://cygwin.com/mailman/options/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe> | |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| Reply-To: | cygwin AT cygwin DOT com |
| Errors-To: | cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com> |
Greetings, Brian Inglis!
> While checking Windows October update patches found a vague reference to
> a new Windows update patch affecting symlinks in the article:
> https://www.computerworld.com/article/3637013/four-zero-day-exploits-add-urgency-to-octobers-patch-tuesday.html
> "On the topic of lesser-used Windows features, the Microsoft NTFS file
> system was updated to include a fix for symbolic links (helpful with
> UNIX migrations). If you are in the middle of a large UNIX migration,
> you may want to pause things a little and test out some large (and
> parallel) file transfers before deploying this update."
> Could not find anything definite about this patch or its effects or
> whether it will create any issues. So this is just a heads up about
> potential issues implied by the article. If anyone can find the actual
> patch and any docs documenting potential changes or issues that may help.
> The article's links to overview and generic articles on NTFS and
> symlinks did not help:
> https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/create-symbolic-links#security-considerations
> pointing to existing:
> https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/fsutil-behavior
> On my system, that shows:
> Elevated > fsutil behavior set symlinkevaluation /? | grep -E "sym|link"
> ...
> symlinkEvaluation {L2L|L2R|R2R|R2L}:{0|1} [...]
> ...
> Sample SymlinkEvaluation command:
> "fsutil behavior set symlinkEvaluation L2L:1 L2R:0"
> - Will enable local to local symbolic links and disable local to
> remote symbolic links. It will not change the state of remote to
> remote links or remote to local links.
> - This operation takes effect immediately (no reboot required)
> ...
> Elevated > fsutil behavior query symlinkevaluation
> Local to local symbolic links are enabled.
> Local to remote symbolic links are enabled.
> Remote to local symbolic links are disabled.
> Remote to remote symbolic links are disabled.
> ...
This is an old setting and defaults for it are as shown.
If you've never changed them, it's worth checking to make sure they are
untouched. If you did change them at one point, check them to reconsider your
changes.
--
With best regards,
Andrey Repin
Wednesday, October 20, 2021 9:53:38
Sorry for my terrible english...
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |