Avoiding /etc/passwd and /etc/group scans

Robert Collins rbcollins@cygwin.com
Tue Oct 22 17:19:00 GMT 2002


On Wed, 2002-10-23 at 08:25, Igor Pechtchanski wrote:


> > Here's a short term workaround, until we fix setup.exe.

> 
> You should be careful of pre-existent files.  The user may have set their
> permissions to non-executable on purpose, and will be surprised if they
> suddenly become executable.  It would be safer if the postinstall .bat
> file only affected the executables that setup has just installed.  I know
> this is against the general principles of setup, but could it, perhaps,
> generate that .bat file?  Another possibility would be doing this only for
> new installs, although I'm not quite sure how to detect this within
> either setup or the postinstall script...


Note the words "short term". Setup can setup the permissions itself,
when we put the appropriate code in place. It needs to emulate the
cygwin ntsec behaviour to do this which requires some development.

Rob

-- 

---
GPG key available at: http://users.bigpond.net.au/robertc/keys.txt.
---
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://cygwin.com/pipermail/cygwin-developers/attachments/20021022/644166d2/attachment.sig>


More information about the Cygwin-developers mailing list