Feedback needed on proposed cygwin feature

Chris Faylor cgf@bbc.com
Fri Dec 5 08:07:00 GMT 1997


In article < 3120D53DC9D5D011A59A00C0F016383303A323@server1 >,
Michael Anthon  <anthonm@tams.com.au> wrote:
>On Thursday, 4 December 1997 12:31, cgf@bbc.com [SMTP:cgf@bbc.com]
>wrote:
>> In article < 34856623.C5226DBC@twinspot.net >,
>> Tomas Fasth  <tomas.fasth@twinspot.net> wrote:
>> >Modifying the exe file "on-the-fly" for environmental settings is not
>to
>> >recommend. Two of the reasons I can think of is:
>> >
>> >* Security considerations in a multiuser / multiprocess environment.
>> 
>> What security considerations are there that are not also present with
>> any other scheme, whether it is using extended attributes or setting
>options
>> in the registry?  You would have to have the right privileges to
>change
>> the binary.
>
>Modification of binary files in a multi-user environment is not a good
>thing.  The registry is there, you may as well use it.  Something I have
>not yet seen mentioned is the fact that each user can have a separate
>profile in the registry, making it easy for each user to have different
>settings.  Modifying the binary might get just a little frustrating if
>someone else keeps changing it to the way THEY like things (unless you
>want to fill your hdd with multiple copies of executables)
>Also, for a user to be able to modify a binary, they would need write
>access to that binary.  I suspect this would cause nightmares for sys
>admins, not to mention the possibility of adding back doors directly
>into the binaries themselves.  I bet a normal user can't modify any of
>the shell binaries in a standard Unix setup.

No, you're right.  A normal user would use environment variables, which
are still available.

I had envisioned the use of the registry as a way to set defaults for
specific programs on a system, not as a way for each user to modify
their needs for a specific program.  It is a subtle difference.
-- 
http://www.bbc.com/	cgf@bbc.com			"Strange how unreal
VMS=>UNIX Solutions	Boston Business Computing	 the real can be."
-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".



More information about the Cygwin mailing list