On 2021-01-05 09:49, Roger Kaufman wrote:
On 1/5/2021 10:02 AM, Bill Stewart wrote:
> On Tue, Jan 5, 2021 at 6:34 AM Eliot Moss wrote:
>
>> Is there a Windows equivalent to chroot (either the program or the library/system call)?
>
> See: https://cygwin.com/cygwin-ug-net/highlights.html
>
> Quoting:
>
> "Chroot is supported. Kind of. Chroot is not a concept known by
> Windows. This implies some serious restrictions. First of all, the
> chroot call isn't a privileged call. Any user may call it. Second, the
> chroot environment isn't safe against native windows processes. Given
> that, chroot in Cygwin is only a hack which pretends security where
> there is none. For that reason the usage of chroot is discouraged.
> Don't use it unless you really, really know what you're doing."
>
> What I have found is that the cygwin chroot is not a security boundary

Right.  My impression was that the OP was more interested in having the
functionality of where / is, though I could be wrong, of course.

I also saw web posts about Windows' RUNAS command, which deals with some of
the security implications, but does not re-root your file hierarchy.

This is the OP. We can close this out. Brian Inglis mentioned the Windows
/dev/null is "nul" and so that solved the problem in this case. In the code
below, both fopen's succeed when compiled with gcc and the "nul" fopen
succeeds when cross compiled with x86_64-w64-mingw32-g++.

The backstory is, I cross compile because I have code only compatible when
cross compiled. However, I run the code in the bash shell. Now in the bash
shell, I can't change directory higher than / which is expected (I know of
cygdrive/c of course).

However, since it is now technically a Windows program it can "see out" into
the file system. I have for that program, an environment variable path I also
have to prefix e.g. /cygwin64/home... it's just something I have to live with.
But it does make portability imperfect as the same code compiles in Linux.
#include <cstdio>

You can adapt at runtime to the OS, check which device and root path exists (good programming practices anyway) as a default, and override if env var exists and includes a valid path which is also safe, or conditionally compile to hardwire included or excluded behaviour, with the same portable source: SMOP.

--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
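
Added example (not part of the original thread and not any poster's code): one way to do the runtime adaptation described in the last message, probing for the null device and accepting an environment override for the root path only when it passes a safety check. The function names, the APP_ROOT variable name and the 260-character bound are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

/* Return the first null-device name that opens. Probing in "r" mode
 * never creates a stray file named "nul" on a POSIX system. */
const char *null_device(void) {
    static const char *const names[] = { "/dev/null", "nul" };
    for (size_t i = 0; i < 2; i++) {
        FILE *f = fopen(names[i], "r");
        if (f) { fclose(f); return names[i]; }
    }
    return NULL;
}

/* Accept only an absolute path (POSIX "/..." or Windows "X:/...") with
 * no ".." component in either separator style. Links are not resolved. */
int path_is_safe(const char *p) {
    if (!p || !*p || strlen(p) >= 260) return 0;   /* 260: assumed bound */
    int letter = (p[0] | 32) >= 'a' && (p[0] | 32) <= 'z';
    int drive = letter && p[1] == ':' && (p[2] == '/' || p[2] == '\\');
    if (p[0] != '/' && !drive) return 0;
    for (const char *s = p; *s; ) {
        size_t n = strcspn(s, "/\\");              /* length of component */
        if (n == 2 && s[0] == '.' && s[1] == '.') return 0;
        s += n;
        if (*s) s++;                               /* skip the separator */
    }
    return 1;
}

int is_directory(const char *p) {
    struct stat st;
    return stat(p, &st) == 0 && S_ISDIR(st.st_mode);
}

/* Use the override only when it is safe and exists, else the default. */
const char *choose_root(const char *override, const char *fallback) {
    if (path_is_safe(override) && is_directory(override)) return override;
    return fallback;
}

int main(void) {   /* APP_ROOT is a hypothetical variable name */
    const char *nd = null_device();
    printf("null device: %s\n", nd ? nd : "(none)");
    printf("root: %s\n", choose_root(getenv("APP_ROOT"), "/"));
    return 0;
}
```

The same source builds with gcc and with x86_64-w64-mingw32-g++ style cross compilers; only the probe results differ at run time.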