On 2014-09-13 12:00, Christian Franke wrote:
> Eric Blake wrote:
>> (by passing an actual safe path, and NOT by completely unsetting PATH).
>>
>
> Disagree. The postfix master(8) spawns all of its daemons with PATH unset.
> This IMO does not violate POSIX.
>
> Note that setting PATH=/bin on Cygwin does not fix the security problem in
> the DLL search order. Even with "SafeDllSearchMode" enabled, the current
> directory is always checked before PATH. Running some Cygwin program from
> /usr/sbin, /usr/local/bin, /usr/libexec, ... would load a possible malicious
> cyg*.dll from current directory regardless of PATH setting. Only programs in
> /bin are safe.
>
> Using SetDllDirectory("c:\\cygwin\\bin") somewhere in cygwin1.dll would fix
> this also.
How could a call inside a DLL fix the library search order used
to find that same DLL? Yes, it is possible (or likely) that
SetDllDirectory fixes the immediate problem for processes that
are started *by* cygwin1.dll, but it is not effective for Cygwin
processes that are started by some direct use of the Win32 API.
Also, SetDllDirectory will kill all attempts to run 32-bit
Cygwin programs from 64-bit Cygwin (and vice versa).
Cheers,
Peter
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
