Andrey Repin wrote:
Hmm... is postfix actually broken?
Unsetting PATH is IMO sane (from the POSIX POV) if all exec() calls use
absolute path names.
If all exec() calls are made with full paths, unsetting $PATH does not improve
security in any way,
Of course. But postfix could be configured to run "unknown" external
programs through its various daemons. In this case, a fixed (here:
empty) PATH improves security. If not convinced, please discuss with the
author of postfix :-)
but leave underlying system in an inconsistent state.
I don't see any added inconsistencies, please explain.
This is not limited to Cygwin1.dll, but to all other system DLL's that you
might need to load.
No. The "system" (aka "Windows") DDLs are always found due to the
built-in defaults which *precede* PATH:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms682586.aspx
The Cygwin "system" DLLs may be not found if PATH is modified/unset,
therefore I suggested to fix this by a SetDllDirectory() call.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
