X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; q=dns; s=default; b=xz56z5Mg2yO7kRzZ
	hIOFIHrYE9s4jWsoharOsTZxIpUzGjDqWOb6PRxurd33O3n/s5qMs4zeQB1T49IV
	v/fplB2Hyubt5xp7syw2adPz2NruXlYmknBhAPz68HNdgl87wZoxAAKtaIIxiYx9
	KA/q2iMAW6aKNUNB5NdDGpYH2ns=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; s=default; bh=ZQRZy2KQy3a5JPCtYgSx7S
	XlhDw=; b=s1Hc+CFUV3jxm/q5xDY2rfm7vNDPeX4WNBmLmUmqYG7BvHTpbO5xbW
	BB0TjytL13oE1eXzeJx3GsfVF+6yG8xw7YP6GTbO5S+mui40g9cwN9Hko4hjVN4S
	kr3/fXBv+jjg0jFofUf2W2QXbkEYsLW0YVZ4hV+QnO8+m7aSV1lao=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=3.5 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KAM_THEBAT,SPF_SOFTFAIL autolearn=no version=3.3.2
X-HELO: smtpback.ht-systems.ru
Date: Sat, 13 Sep 2014 01:29:35 +0400
From: Andrey Repin <anrdaemon@yandex.ru>
Reply-To: cygwin@cygwin.com
Message-ID: <601154762.20140913012935@yandex.ru>
To: Christian Franke <Christian.Franke@t-online.de>, cygwin@cygwin.com
Subject: Re: Cannot exec() program outside of /bin if PATH is unset
In-Reply-To: <54135451.3060902@t-online.de>
References: <5413271B.1010109@t-online.de> <54134A83.80107@redhat.com> <54135451.3060902@t-online.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes

Greetings, Christian Franke!

>>> Enabling the SetDllDirectory() Win32 call fixes the problem.
>>> Would possibly make sense to add this call to cygwin1.dll.
>> That said, just because POSIX has already given us the
>> get-out-of-jail-free card doesn't mean that we can't be nice and improve
>> cygwin1.dll to try and help broken programs that unset PATH.

> Hmm... is postfix actually broken?
> Unsetting PATH is IMO sane (from the POSIX POV) if all exec() calls use 
> absolute path names.

If all exec() calls are made with full paths, unsetting $PATH does not improve
security in any way, but leave underlying system in an inconsistent state. As
you've witnessed yourself.
This is not limited to Cygwin1.dll, but to all other system DLL's that you
might need to load.


--
WBR,
Andrey Repin (anrdaemon@yandex.ru) 13.09.2014, <1:27>

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple