This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Cannot exec() program outside of /bin if PATH is unset


On Oct  9 08:25, Eric Blake wrote:
> On 10/09/2014 04:03 AM, Corinna Vinschen wrote:
> 
> > Ok.  Or... hmm.  The fact that using SetDllDirectory disallows searching
> > the CWD got me thinking twice.  Security-wise it would really be the
> > right thing to do.  Usually DLLs are in defined search paths:
> > 
> > - Application dir
> > - Application defined dirs
> > - System dirs
> > 
> > So, what scenario would actually break by removing CWD from the search
> > path?  Running tests in an libtoolized project dir, perhaps?  Is that a
> > valid concern or did libtool already take care of this?
> 
> Running a libtool project is probably unimpacted - libtool builds
> in-tree dlls into a subdirectory, which is not usually the CWD.

Right, and AFAICS a wrapper is created which adds the path to the
DLLs to $PATH before starting the actual executable.  So this is no
problem at all.

Any other idea what *might* be broken if we remove CWD from the 
DLL search path?


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpZZcimQX3mg.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]