Mailing-List: contact cygwin-developers-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-developers-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin-developers AT sources DOT redhat DOT com
Date: Tue, 31 Oct 2000 22:55:55 +0300
From: Egor Duda <deo AT logos-m DOT ru>
X-Mailer: The Bat! (v1.45) Personal
Reply-To: Egor Duda <cygwin-developers AT sources DOT redhat DOT com>
Organization: DEO
X-Priority: 3 (Normal)
Message-ID: <16141549765.20001031225555@logos-m.ru>
To: Christopher Faylor <cygwin-developers AT sources DOT redhat DOT com>
Subject: Re: [RFD]: Execute permission for DLLs?
In-reply-To: <20001031122426.A27656@redhat.com>
References: <39FEA32B DOT 58D3518F AT cygnus DOT com> <20001031122426 DOT A27656 AT redhat DOT com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi!

Tuesday, 31 October, 2000 Christopher Faylor cgf AT redhat DOT com wrote:

CF> On Tue, Oct 31, 2000 at 11:47:07AM +0100, Corinna Vinschen wrote:
>>On NTFS partitions, NT/W2K require the execute permission for DLLs to
>>allow loading a DLL on process startup.
>>
>>That's no problem unless a person using `ntsec' gets a tar archive
>>packed by a person not using `ntsec' or packing on a FAT partition.
>>Since Cygwin fakes the execute permission only for the suffixes
>>"exe", "bat", "com", DLLs are treated as non executable by the
>>stat() call when `ntsec' isn't set.
>>
>>When a person using `ntsec' unpacks that tar archive, the start of
>>an application which requires one of the DLLs from the archive will
>>fail with the Windows message
>>
>>  "The application failed to initialize properly (0xc0000022)"
>>
>>which isn't that meaningful for most of the users.
>>
>>To solve that problem we would have to do a simple step. Fake
>>execute permissions for DLLs when `ntsec' isn't set or the file
>>system doesn't support ACLs (FAT/FAT32).
>>
>>Thoughts?

CF> Are you saying that we *always* turn executable permissions on when
CF> we create a DLL file on NT?  That makes sense to me.

i've  understood  it  a bit differently. i think Corinna wants to turn
executable   bit   on  when  _creating_ tar file on "bad" system which
do not support ntsec, not when unpacking it on ntfs+ntsec system.
Turning  executable  permissions on when creating dll is solution too,
but  for  which  user will you turn in on? for everyone? i don't think
it's  a  right thing from security point of view. for owner and group?
then   you won't solve original problem.

Egor.            mailto:deo AT logos-m DOT ru ICQ 5165414 FidoNet 2:5020/496.19