This is the mail archive of the
cygwin-developers@cygwin.com
mailing list for the Cygwin project.
Re: Shell scripts [was Re: Avoiding /etc/passwd and /etc/group scans]
At 09:26 PM 10/22/2002 -0400, Christopher Faylor wrote:
>>All your changes in fhandler_disk_file.cc are in the branch with
>>get_file_attribute () != 0, Thus they do not apply to successful calls
>>with ntsec.
>
>No, they're not.
Oops. Now that I look at the source and not the web diff it's obvious.
>We've made ntsec the default but there are possibly a number of people
>out there who have never done a 'chmod a+x foo' on their shell scripts.
>Until we have a consistent story on how to solve their problems, I think
>it makes sense to make '#!' always executable.
OK, it hits me hard. I have thought too much about the sids mapping issue.
>I'm willing to be swayed on this but, so far, it doesn't seem like anyone
>is effectively communicating with anyone else here. We need to get on
>the same page wrt the problems and how we are going to solve them.
That's a tough one.
I see 3 possible ways:
1) Your current way. Magic => executable.
Convenient but chmod is broken and big break with Unix.
2) use another CYGWIN= variable, to make that feature optional.
3) use nontsec if you are not willing to 'chmod a+x foo'
I think I would vote for 3.
I would also distribute a script or a program to chmod all scripts
in a tree. Under user control, not from setup.
Also, you have
buf->st_mode |= STD_XBITS;
so there will be x bits even when it isn't readable.
That can be improved easily, for 1 or 2 or the script.
Pierre