Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-developers-owner AT cygwin DOT com Delivered-To: mailing list cygwin-developers AT cygwin DOT com Subject: Re: Avoiding /etc/passwd and /etc/group scans From: Robert Collins To: cygwin-developers AT cygwin DOT com In-Reply-To: References: Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-Zbpnqxyj1DxqWRY99M42" Date: 23 Oct 2002 10:19:19 +1000 Message-Id: <1035332360.7764.1.camel@lifelesswks> Mime-Version: 1.0 --=-Zbpnqxyj1DxqWRY99M42 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Wed, 2002-10-23 at 08:25, Igor Pechtchanski wrote: > > Here's a short term workaround, until we fix setup.exe. >=20 > You should be careful of pre-existent files. The user may have set their > permissions to non-executable on purpose, and will be surprised if they > suddenly become executable. It would be safer if the postinstall .bat > file only affected the executables that setup has just installed. I know > this is against the general principles of setup, but could it, perhaps, > generate that .bat file? Another possibility would be doing this only fo= r > new installs, although I'm not quite sure how to detect this within > either setup or the postinstall script... Note the words "short term". Setup can setup the permissions itself, when we put the appropriate code in place. It needs to emulate the cygwin ntsec behaviour to do this which requires some development. Rob --=20 --- GPG key available at: http://users.bigpond.net.au/robertc/keys.txt. --- --=-Zbpnqxyj1DxqWRY99M42 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQA9tesHI5+kQ8LJcoIRAvpDAJ9vzPbdcEyvk2k2IQ3rG2lyk+eCOACfbPfg iDsOKNwVSD9E0TnmiO0YE7k= =KArb -----END PGP SIGNATURE----- --=-Zbpnqxyj1DxqWRY99M42--