On 2014-09-13 12:00, Christian Franke wrote: > Eric Blake wrote: >> (by passing an actual safe path, and NOT by completely unsetting PATH). >> > > Disagree. The postfix master(8) spawns all of its daemons with PATH unset. > This IMO does not violate POSIX. > > Note that setting PATH=/bin on Cygwin does not fix the security problem in > the DLL search order. Even with "SafeDllSearchMode" enabled, the current > directory is always checked before PATH. Running some Cygwin program from > /usr/sbin, /usr/local/bin, /usr/libexec, ... would load a possible malicious > cyg*.dll from current directory regardless of PATH setting. Only programs in > /bin are safe. > > Using SetDllDirectory("c:\\cygwin\\bin") somewhere in cygwin1.dll would fix > this also.
How could a call inside a DLL fix the library search order used to find that same DLL? Yes, it is possible (or likely) that SetDllDirectory fixes the immediate problem for processes that are started *by* cygwin1.dll, but it is not effective for Cygwin processes that are started by some direct use of the Win32 API. Also, SetDllDirectory will kill all attempts to run 32-bit Cygwin programs from 64-bit Cygwin (and vice versa). Cheers, Peter -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple