Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-developers-owner AT cygwin DOT com Delivered-To: mailing list cygwin-developers AT cygwin DOT com Date: Tue, 22 Oct 2002 21:26:19 -0400 From: Christopher Faylor To: cygwin-developers AT cygwin DOT com Subject: Re: Shell scripts [was Re: Avoiding /etc/passwd and /etc/group scans] Message-ID: <20021023012619.GB24001@redhat.com> Reply-To: cygwin-developers AT cygwin DOT com Mail-Followup-To: cygwin-developers AT cygwin DOT com References: <20021022181947 DOT GA4729 AT redhat DOT com> <3DB5A076 DOT ABAFF076 AT ieee DOT org> <20021022191217 DOT GD4828 AT redhat DOT com> <3DB5AB53 DOT B434ED90 AT ieee DOT org> <20021022202004 DOT GA6995 AT redhat DOT com> <20021022203300 DOT GC6429 AT redhat DOT com> <3DB5BC04 DOT CD6587CB AT ieee DOT org> <20021022212028 DOT GG6429 AT redhat DOT com> <3DB5C3C4 DOT F57CE7B0 AT ieee DOT org> <3 DOT 0 DOT 5 DOT 32 DOT 20021022210518 DOT 008282a0 AT mail DOT attbi DOT com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3.0.5.32.20021022210518.008282a0@mail.attbi.com> User-Agent: Mutt/1.5.1i On Tue, Oct 22, 2002 at 09:05:18PM -0400, Pierre A. Humblet wrote: >At 05:33 PM 10/22/2002 -0400, Christopher Faylor wrote: >>>About the shell scripts, I will look at your patch tonight. > >All your changes in fhandler_disk_file.cc are in the branch with >get_file_attribute () != 0, Thus they do not apply to successful calls >with ntsec. No, they're not. I moved the '#!' check outside of the get_file_attribute test entirely. I had originally moved the .exe check outside of the block but that didn't make any sense, in hindsight, since it just forced cygwin to report .exe files as executable when windows couldn't actually execute them. This is not the problem for '#!' scripts, however. Cygwin can execute them regardless of whether ntsec or Windows thinks they're executable or not. >>>Why do you want to be different from regular Unix and report x >>>just because the file starts with #! ? >>>Why not force the user to chmod +x the scripts, for them to be >>>executable? >> >>I am just trying to minimize the impact on users. For purity sake, >>I'd rather leave things as they were, actually. >> >OK, it would be very disturbing to change the behavior of scripts >and suddenly force them to have an ACL allowing execution in order >to execute them. >But what needs to be changed in the mode display? It's not just "mode display". It affects whether a script will be executed or not. >Actually I would also rather leave things as they were! > >At first I was afraid you would always show x for scripts, even when >ntsec is on. IMHO this would be a bad idea. For example chmod would start >behaving unexpectedly. That is exactly what the change does. This isn't just for display. We've made ntsec the default but there are possibly a number of people out there who have never done a 'chmod a+x foo' on their shell scripts. Until we have a consistent story on how to solve their problems, I think it makes sense to make '#!' always executable. I'm willing to be swayed on this but, so far, it doesn't seem like anyone is effectively communicating with anyone else here. We need to get on the same page wrt the problems and how we are going to solve them. cgf