Cannot exec() program outside of /bin if PATH is unset
Corinna Vinschen
corinna-cygwin@cygwin.com
Thu Oct 9 16:29:00 GMT 2014
On Oct 9 08:25, Eric Blake wrote:
> On 10/09/2014 04:03 AM, Corinna Vinschen wrote:
>
> > Ok. Or... hmm. The fact that using SetDllDirectory disallows searching
> > the CWD got me thinking twice. Security-wise it would really be the
> > right thing to do. Usually DLLs are in defined search paths:
> >
> > - Application dir
> > - Application defined dirs
> > - System dirs
> >
> > So, what scenario would actually break by removing CWD from the search
> > path? Running tests in an libtoolized project dir, perhaps? Is that a
> > valid concern or did libtool already take care of this?
>
> Running a libtool project is probably unimpacted - libtool builds
> in-tree dlls into a subdirectory, which is not usually the CWD.
Right, and AFAICS a wrapper is created which adds the path to the
DLLs to $PATH before starting the actual executable. So this is no
problem at all.
Any other idea what *might* be broken if we remove CWD from the
DLL search path?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20141009/012b776d/attachment.sig>
More information about the Cygwin
mailing list