This is the mail archive of the
mailing list for the Cygwin project.
Re: env -i specialities on cygwin
- From: Igor Pechtchanski <pechtcha at cs dot nyu dot edu>
- To: Christian Weinberger <christian dot weinberger at directbox dot com>
- Cc: cygwin at cygwin dot com
- Date: Fri, 3 Sep 2004 09:22:46 -0400 (EDT)
- Subject: Re: env -i specialities on cygwin
- References: <loom.20040903T131145email@example.com>
- Reply-to: cygwin at cygwin dot com
On Fri, 3 Sep 2004, Christian Weinberger wrote:
> If one want´s to start a new process without an environment, env -i will be
> the choice.
> In the cygwin enviroment this leads to problems if /bin or /usr/bin are not
> added to the PATH in the new process. In this case the cygwin1.dll is not
> in the path and will not be found be the process that just tries to start.
> This is true for all other DLLs that may be used by the cygwin executable.
Yes, that's the way Windows works. You *have* to have /bin in your PATH
if you want the Windows dynamic loader to find your DLL.
> There are two options to avoid this:
> 1) Modify all shell scripts that use env -i to include /usr/bin in the PATH
> when porting appications to cygwin. This means lots of manual work since
> shell scripts are often not considered to be dynamic in autoconf/automake
> 2) Modify the env binary to always include /usr/bin to the path, even if
> the -i switch is specified. But this will not just allow access to the DLLs
> but to all executables in the same directory. This may raise security
Option 2 looks like one that follows the principle of least surprise.
Frankly, I don't see how this raises security problems, as the executables
can always be accessed directly via /bin/blah.exe or /usr/bin/blah.exe
> A third solution would be to have all cygwin DLLs in a separate directory
> where no executables reside. But this would be a more dramatic change to
> the distribution.
If you want better security (i.e., protection from malicious scripts), use
|\ _,,,---,,_ firstname.lastname@example.org
ZZZzz /,`.-'`' -. ;-;;,_ email@example.com
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D.
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
"Happiness lies in being privileged to work hard for long hours in doing
whatever you think is worth doing." -- Dr. Jubal Harshaw
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html