From: Christian Franke
Date: Sat, 13 Sep 2014 00:50:44 +0200
To: cygwin AT cygwin DOT com
Subject: Re: Cannot exec() program outside of /bin if PATH is unset

Andrey Repin wrote:
>> Hmm... is postfix actually broken?
>> Unsetting PATH is IMO sane (from the POSIX POV) if all exec() calls use
>> absolute path names.
> If all exec() calls are made with full paths, unsetting $PATH does not improve
> security in any way,

Of course. But postfix could be configured to run "unknown" external
programs through its various daemons. In this case, a fixed (here: empty)
PATH improves security. If not convinced, please discuss with the author
of postfix :-)

> but leave underlying system in an inconsistent state.

I don't see any added inconsistencies, please explain.

> This is not limited to Cygwin1.dll, but to all other system DLL's that you
> might need to load.

No. The "system" (aka "Windows") DLLs are always found due to the
built-in defaults which *precede* PATH:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms682586.aspx

The Cygwin "system" DLLs may not be found if PATH is modified/unset,
therefore I suggested to fix this by a SetDllDirectory() call.
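The POSIX side of the point discussed in this message, as an added example that is not part of the original post and is not Postfix or Cygwin code: a launcher that accepts only absolute paths and hands the child an explicit environment, so the helper sees only the PATH the caller chose. The name run_helper, the use of /usr/bin/env as the helper, and the PATH value are assumptions made for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run a helper with an absolute path and an explicit environment, capturing
 * its stdout in out. Returns the exit status, or -1 on refusal or failure.
 * run_helper is a hypothetical name, not a Postfix or Cygwin function. */
int run_helper(const char *path, char *const argv[], char *const envp[],
               char *out, size_t outlen)
{
    int fds[2], status;
    size_t n = 0;
    ssize_t r;

    if (path == NULL || path[0] != '/' || outlen == 0)
        return -1;                  /* a relative name would need a search path */
    if (pipe(fds) != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    if (pid == 0) {                 /* child: stdout goes to the pipe */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]);
        close(fds[1]);
        execve(path, argv, envp);   /* no PATH lookup, no inherited variables */
        _exit(127);
    }
    close(fds[1]);
    while (n + 1 < outlen && (r = read(fds[0], out + n, outlen - 1 - n)) > 0)
        n += (size_t)r;
    out[n] = '\0';
    close(fds[0]);
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    char buf[256];
    char *const argv[] = { "env", NULL };
    char *const fixed[] = { "PATH=/usr/bin:/bin", NULL };  /* constructed value */
    int rc = run_helper("/usr/bin/env", argv, fixed, buf, sizeof buf);
    printf("exit=%d, child environment:\n%s", rc, buf);
    return rc == 0 ? 0 : 1;
}
```

On Windows the DLL search described in the message happens before any of this code runs in the child, which is why the message proposes SetDllDirectory() rather than a change on the exec() side.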