X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=aPAxCV1m7ZQO3UJY34GZdMYnvLeYESscpjgC/XTqSk0o69jbO8Tu3
	UptrWedhXU7yNMZltsDMFipBABhnxWKFiByT2V+Z3p4GtRRq18E3wHYrkrR5H7u9
	uLy3RbIr34T65pbbCBQUD7wq/j4CmhmV3rt9FWRrh/k+DL6kKj2b3w=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; s=default;
	 bh=Qun52tqA7FkYrAY7GtE7dX2ekLY=; b=I0a7GEnKpVmZRwCKcrdtE2KU/bmv
	CrUhUYdCckiRm1dKRWIme7DW+H9ASTfp5ELvJd4T1kM7Nj1eunoJBruuVDP5Ex33
	mpTRJK2FrW+HbslMJ3rdvVvxliwHd2JYSev8XeBZisOAm6l9LhwVxkkaNzr58SQ1
	rCdXHQWUGivY74I=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-104.2 required=5.0 tests=AWL,BAYES_00,GOOD_FROM_CORINNA_CYGWIN,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 spammy=H*F:D*cygwin.com
X-HELO: mout.kundenserver.de
Date: Tue, 6 Aug 2019 10:33:00 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Empty file without "x" permission is successfully executable on Cygwin
Message-ID: <20190806083300.GM11632@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <BL0PR0901MB43081893EE588BDED05886BFA5DA0 AT BL0PR0901MB4308 DOT namprd09 DOT prod DOT outlook DOT com> <eeb8deb6-fc17-1ecd-fb9d-6c0882f75dc1 AT cornell DOT edu> <7d007c9f-e98d-f497-d706-dbf94bb563f2 AT towo DOT net> <319f78d5-fbcd-712a-ba27-137bd1fbd439 AT cornell DOT edu> <8378710e-4533-ee50-0e31-7714982eec0d AT cornell DOT edu>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;	protocol="application/pgp-signature"; boundary="F+wU6CH2q8RBGewX"
Content-Disposition: inline
In-Reply-To: <8378710e-4533-ee50-0e31-7714982eec0d@cornell.edu>
User-Agent: Mutt/1.11.3 (2019-02-01)

--F+wU6CH2q8RBGewX
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Aug  6 03:19, Ken Brown wrote:
> On 8/5/2019 4:39 PM, Ken Brown wrote:
> > On 8/5/2019 4:19 PM, Thomas Wolff wrote:
> >>
> >> Am 05.08.2019 um 22:01 schrieb Ken Brown:
> >>> On 8/5/2019 2:18 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin =
wrote:
> >>>> Hi,
> >>>>
> >>>> Please consider the following shell session:
> >>>>
> >>>> $ cat dummy.c
> >>>> #include <stdio.h>
> >>>>
> >>>> int main()
> >>>> {
> >>>>  =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 return 0;
> >>>> }
> >>>> $ gcc -o dummy dummy.c
> >>>> $ mv dummy.exe dummy
> >>>> $ ./dummy
> >>>> $ echo $?
> >>>> 0
> >>>> $ chmod a-x dummy
> >>>> $ ./dummy
> >>>> -bash: ./dummy: Permission denied
> >>>> $ rm dummy
> >>>> $ touch dummy
> >>>> $ ./dummy
> >>>> $ echo $?
> >>>> 0
> >>>>
> >>>> So Cygwin lets the shell to execute a zero-sized file regardless of =
the "x" perm
> >>>> (non-empty files are not executable if they do not have "x", as show=
n above).
> >>> I can't reproduce this on my system.=C2=A0 Can you show the permissio=
ns and ACL of
> >>> dummy?
> >>>
> >>>> There's more.=C2=A0 If I put some rubbish in a file, Cygwin still tr=
ies to execute
> >>>> it even if the "x" is not there:
> >>>>
> >>>> $ rm dummy
> >>>> $ echo "1" > dummy
> >>>> $ ./dummy
> >>>> ./dummy: line 1: 1: command not found
> >>> Again I can't reproduce this.
> >> I reproduce the behaviour:
> >>   > echo echo foo > bar
> >>   > ls -l bar
> >> -rw-r--r-- 1 towo None 9=C2=A0 5. Aug 22:18 bar
> >>   > ./bar
> >> foo
> >=20
> > You're right.  I was careless in my test.  Sorry for the noise.
>=20
> It look like what's happening is that bash calls execve(), which returns =
with=20
> errno ENOEXEC instead of EACCES.
>=20
> I'll look at this more tomorrow unless someone beats me to it.

Looks like the checks for this scenario are in the wrong order.  In
av::setup(), the first check is if the file is a valid executable and if
so, exec returns ENOEXEC (unless called via exec[vl]p).  Only if that
fails, av::setup checks the executability of the file(*).

Ken, I'll propose a patch on cygwin-patches, please check.


Thanks,
Corinna


(*) Note that the executability test only makes sense on filesystems
    supporting execute bits.  On FAT filesystems, no such check will take
    place and Cygwin will not encounter EACCES scenarios.

--=20
Corinna Vinschen
Cygwin Maintainer

--F+wU6CH2q8RBGewX
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEoVYPmneWZnwT6kwF9TYGna5ET6AFAl1JOzwACgkQ9TYGna5E
T6C16w/+OU1wA8SRRLW7L0aw3YKwRQu3N1nATbRJRNwIrWGnkUloJLXZVxzEDXwR
NnaXm7PC94WOds35UjJu4D+ufzcfBmeI5lRUe37i+KyxIF7cTex77bmp+SJhEYjS
XJx58NGrmEqQACbhjWEzgN0Nmw3sB2dHQoYZt1cLx1j+EkX7mFooZvhbSI94RMrp
VqxGi9Bo6N8RVPs93JUGdC2WKW/nRwuqLxwf/gqShx7hkvmEdtbJLeyjzOBm/OQB
PrtqHHpp2gpgNTeBHqFYn1nl5YDLaGaKQWLrC/Wrx1gDgpAmFGraqWhDLw8gBURO
JaBzTIH/cT7zJRfbkWZWd4aKgJv9HJP3L7OzE8STWzvWbUUPIaiPxcf7sLkDCYWf
L8GRKb/17wXN+dS0cmfGo8d5H2rUhd4fQZPt7E9Ghz4nAcro79tTZGyMCoalWDZp
YlLeTWDfem3GV3Y0d2l35+0K458nZWYe735CL1ZVuk3teW765wvgdEQpJ8lFBSM6
LThJb+Pc2kn3C7Km6tv//4pdb6c/gDjgEvZL4rcCGv7wV3VDaw4iA0Ch/6LVoOB3
4N7XUDLyrvriuVNPKbMgMB6i2+ATflW/5cEoPjLqPkswfkODilr415B3G1dkpVb7
w3gT25La52VgjVlT4aP43P6sOgQG0Z77KaPyvtwRmGKbrkPLZX4=
=gcw+
-----END PGP SIGNATURE-----

--F+wU6CH2q8RBGewX--