This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Cannot exec() program outside of /bin if PATH is unset


On 09/12/2014 11:02 AM, Christian Franke wrote:
> If PATH variable is unset or does not contain /bin or /usr/bin,
> exec("/not_bin/program", ...) fails because cygwin DLLs could not be
> loaded.
> 
> This affects postfix which cleans the environment to the bare minimum
> for security reasons.
> (fortunately there is an easy workaround, so this does not block postfix
> ITP)
> 
> Testcase:
> 
> $ cat nopath.cc
> #include <stdio.h>
> #include <stdlib.h>
> #include <unistd.h>
> // #include <windows.h>
> 
> int main()
> {
>   unsetenv("PATH");

This is undefined behavior, per POSIX.  POSIX recommends that you always
leave PATH defined to at least a bare minimum of the results of
confstr(_CS_PATH, ...); it also states that implementations are free to
do what they want (in this case, crash) if you don't follow the
recommendation:

http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html
"If PATH is unset or is set to null, the path search is
implementation-defined."

> Enabling the SetDllDirectory() Win32 call fixes the problem.
> Would possibly make sense to add this call to cygwin1.dll.

That said, just because POSIX has already given us the
get-out-of-jail-free card doesn't mean that we can't be nice and improve
cygwin1.dll to try and help broken programs that unset PATH.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]