Re: HEADSUP maintainers: Packages install scripts without execute permissions
On Jun 22 22:06, Christian Franke wrote: Corinna Vinschen wrote: So I created a list of packages which install scripts into /etc/preremove, /etc/postinstall, and /usr/bin without setting execute permissions on them. Please guys, fix the permissions ASAP. [...] Christian Franke: ddrescue: etc/postinstall/ddrescue.sh Hi Corinna, The postinstall script is only present in the [prev] release ddrescue-1.8-1 but not in ddrescue-1.9-1. If the script is considered a problem for Cygwin 1.7, I would suggest to simply remove 1.8-1 from release-2/ddrescue. Uh, my fault, sorry. I looked through the hits and planned to report only those packages in which the latest version is affected. I'm not that concerned about older versions. Thanks, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
HEADSUP maintainers: Packages install scripts without execute permissions
[Wrong list. Resent to cygwin-apps] Hi, Here's the problem: If you exec shell scripts, they should only be run if the user trying to run the script has execute permissions on the script. This requires to check for executability in Cygwin, but as of today, such a check isn't performed in Cygwin. I have the patch for this ready, but I found that it would potentially break a couple of packages which have not set execute permissions on some of their script files. As you should know by now, setup for Cygwin 1.7 will set POSIX file permissions for the files extracted from the tar archives. That means, all scripts which don't have execute permissions set, will also not have execute permissions set after the user installed them. That's bad. So I created a list of packages which install scripts into /etc/preremove, /etc/postinstall, and /usr/bin without setting execute permissions on them. Please guys, fix the permissions ASAP. Corinna Vinschen: robots: etc/postinstall/robots.sh Reini Urban: perl: usr/bin/cpan5.10.0 usr/bin/shasum5.10.0 Christian Franke: ddrescue: etc/postinstall/ddrescue.sh Jari Aalto: colorgcc: etc/postinstall/colorgcc.sh joe: etc/postinstall/joe-manifest.lst Frank Seelisch: singular-icons: etc/postinstall/singular-icons.sh Dave Korn: gcc-core: etc/postinstall/gcc.sh etc/preremove/gcc.sh gcc-gnat: etc/postinstall/gcc-gnat.sh etc/preremove/gcc-gnat.sh gcc-gdc: etc/postinstall/gcc-gdc.sh etc/preremove/gcc-gdc.sh gcc-gpc: etc/postinstall/gcc-gpc.sh etc/preremove/gcc-gpc.sh gcc-g++: etc/postinstall/gcc-g++.sh etc/preremove/gcc-g++.sh gcc-g77: etc/postinstall/gcc-g77.sh etc/preremove/gcc-g77.sh gcc-java: etc/postinstall/gcc-java.sh etc/preremove/gcc-java.sh Yaakov S: perl-extutils-pkgconfig: etc/postinstall/perl-ExtUtils-Pk libgnome2:etc/preremove/libgnome2.sh gnome-vfs:etc/preremove/gnome-vfs2.sh ilibIDL: etc/postinstall/libIDL.sh libIDL2: etc/postinstall/libIDL2.sh Btw., DLLs should also be executable, otherwise applications will fail to start. I found one of them: glib: usr/bin/cyggmodule-1-2-0.dll Thanks, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat
Re: HEADSUP maintainers: Packages install scripts without execute permissions
On 6/22/2009 9:12 AM, Corinna Vinschen wrote: Here's the problem: If you exec shell scripts, they should only be run if the user trying to run the script has execute permissions on the script. This requires to check for executability in Cygwin, but as of today, such a check isn't performed in Cygwin. I have the patch for this ready, but I found that it would potentially break a couple of packages which have not set execute permissions on some of their script files. As you should know by now, setup for Cygwin 1.7 will set POSIX file permissions for the files extracted from the tar archives. That means, all scripts which don't have execute permissions set, will also not have execute permissions set after the user installed them. That's bad. So I created a list of packages which install scripts into /etc/preremove, /etc/postinstall, and /usr/bin without setting execute permissions on them. Please guys, fix the permissions ASAP. Users who have existing preremove scripts without execute permissions will still have problems if you change setup.exe to check for this, won't they? Ken
Re: HEADSUP maintainers: Packages install scripts without execute permissions
On Jun 22 09:45, Ken Brown wrote: On 6/22/2009 9:12 AM, Corinna Vinschen wrote: Here's the problem: If you exec shell scripts, they should only be run if the user trying to run the script has execute permissions on the script. This requires to check for executability in Cygwin, but as of today, such a check isn't performed in Cygwin. I have the patch for this ready, but I found that it would potentially break a couple of packages which have not set execute permissions on some of their script files. As you should know by now, setup for Cygwin 1.7 will set POSIX file permissions for the files extracted from the tar archives. That means, all scripts which don't have execute permissions set, will also not have execute permissions set after the user installed them. That's bad. So I created a list of packages which install scripts into /etc/preremove, /etc/postinstall, and /usr/bin without setting execute permissions on them. Please guys, fix the permissions ASAP. Users who have existing preremove scripts without execute permissions will still have problems if you change setup.exe to check for this, won't they? If the affected packages are replaced before we install a new Cygwin DLL, which correctly checks for execute permissions, the preremove scripts would be replaced with the ones with correct permissions before the problem actually starts to become visible. I don't understand how you suggest to change setup.exe. In theory, it could change permissions of scripts in /etc/preremove and /etc/postinstall on the fly while installing them, as it already does for *.exe files. It could do the same also for .dll files, btw. Is that what you mean? Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat
Re: HEADSUP maintainers: Packages install scripts without execute permissions
On Mon, Jun 22, 2009 at 09:45:12AM -0400, Ken Brown wrote: On 6/22/2009 9:12 AM, Corinna Vinschen wrote: Here's the problem: If you exec shell scripts, they should only be run if the user trying to run the script has execute permissions on the script. This requires to check for executability in Cygwin, but as of today, such a check isn't performed in Cygwin. I have the patch for this ready, but I found that it would potentially break a couple of packages which have not set execute permissions on some of their script files. As you should know by now, setup for Cygwin 1.7 will set POSIX file permissions for the files extracted from the tar archives. That means, all scripts which don't have execute permissions set, will also not have execute permissions set after the user installed them. That's bad. So I created a list of packages which install scripts into /etc/preremove, /etc/postinstall, and /usr/bin without setting execute permissions on them. Please guys, fix the permissions ASAP. Users who have existing preremove scripts without execute permissions will still have problems if you change setup.exe to check for this, won't they? Doesn't setup.exe invoke preremove/postinstall shell scripts via bash foo.sh? You don't need exec permissions for that. cgf
Re: HEADSUP maintainers: Packages install scripts without execute ?permissions
On Jun 22 16:09, Corinna Vinschen wrote: On Jun 22 13:58, Eric Blake wrote: For that matter, are there any postinstall scripts currently relying on a different interpreter? If not, then I'm in favor of the idea of changing setup.exe to be immune to the execute bit on postinstall scripts, at the expense of making postinstall scripts locked into bash (at least, as the initial interpreter). There can be only *.bat and *.sh files in /etc/postinstall and /etc/preremove. *.bat files are started via `cmd /c file' and *.sh files are started via `bash --norc --noprofile -c file'. So we sort of require a script to be a sh/bash script anyway right now. Admittedly, I did not actually *look* into all postinstall/preremove scripts in the distro. I just checked the entire 1.7 distro and here's the result: We have not a single package left which uses a .bat file in postinstall or in preremove. That's great, IMHO. And, AFAICS, all of the *.sh fiels are actually some variation of sh/ash/bash script. So I assume it's safe to remove the -c from setup's script starter method. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat
Re: HEADSUP maintainers: Packages install scripts without execute permissions
On 6/22/2009 10:04 AM, Corinna Vinschen wrote: If the affected packages are replaced before we install a new Cygwin DLL, which correctly checks for execute permissions, the preremove scripts would be replaced with the ones with correct permissions before the problem actually starts to become visible. Ah, that's the part I was missing. Sorry for the noise. Ken
HEADSUP maintainers: Packages install scripts without execute permissions
Hi, Here's the problem: If you exec shell scripts, they should only be run if the user trying to run the script has execute permissions on the script. This requires to check for executability in Cygwin, but as of today, such a check isn't performed in Cygwin. I have the patch for this ready, but I found that it would potentially break a couple of packages which have not set execute permissions on some of their script files. As you should know by now, setup for Cygwin 1.7 will set POSIX file permissions for the files extracted from the tar archives. That means, all scripts which don't have execute permissions set, will also not have execute permissions set after the user installed them. That's bad. So I created a list of packages which install scripts into /etc/preremove, /etc/postinstall, and /usr/bin without setting execute permissions on them. Please guys, fix the permissions ASAP. Corinna Vinschen: robots: etc/postinstall/robots.sh Reini Urban: perl: usr/bin/cpan5.10.0 usr/bin/shasum5.10.0 Christian Franke: ddrescue: etc/postinstall/ddrescue.sh Jari Aalto: colorgcc: etc/postinstall/colorgcc.sh joe: etc/postinstall/joe-manifest.lst Frank Seelisch: singular-icons: etc/postinstall/singular-icons.sh Dave Korn: gcc-core: etc/postinstall/gcc.sh etc/preremove/gcc.sh gcc-gnat: etc/postinstall/gcc-gnat.sh etc/preremove/gcc-gnat.sh gcc-gdc: etc/postinstall/gcc-gdc.sh etc/preremove/gcc-gdc.sh gcc-gpc: etc/postinstall/gcc-gpc.sh etc/preremove/gcc-gpc.sh gcc-g++: etc/postinstall/gcc-g++.sh etc/preremove/gcc-g++.sh gcc-g77: etc/postinstall/gcc-g77.sh etc/preremove/gcc-g77.sh gcc-java: etc/postinstall/gcc-java.sh etc/preremove/gcc-java.sh Yaakov S: perl-extutils-pkgconfig: etc/postinstall/perl-ExtUtils-Pk libgnome2:etc/preremove/libgnome2.sh gnome-vfs:etc/preremove/gnome-vfs2.sh ilibIDL: etc/postinstall/libIDL.sh libIDL2: etc/postinstall/libIDL2.sh Btw., DLLs should also be executable, otherwise applications will fail to start. I found one of them: glib: usr/bin/cyggmodule-1-2-0.dll Thanks, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: HEADSUP maintainers: Packages install scripts without execute permissions
Corinna Vinschen wrote: Hi, Here's the problem: If you exec shell scripts, they should only be run if the user trying to run the script has execute permissions on the script. Shell scripts don't _have_ to be executable, only if you want to launch one as if it were a command, rather than sourcing it. Why don't we just remove the -c and get setup.exe to use the simple bash filename syntax meaning treat filename as a text file, open it and pipe it to stdin? [da...@ubique src]$ cat happy-script-file.txt echo I am a happy script file! [da...@ubique src]$ ls -la happy-script-file.txt -rw-rw-r-- 1 davek davek 33 2009-06-22 14:35 happy-script-file.txt [da...@ubique src]$ ./happy-script-file.txt bash: ./happy-script-file.txt: Permission denied [da...@ubique src]$ bash -c ./happy-script-file.txt bash: ./happy-script-file.txt: Permission denied [da...@ubique src]$ bash ./happy-script-file.txt I am a happy script file! [da...@ubique src]$ AFAIK this final syntax is equivalent to writing cat happy-script-file.txt | bash, where of course the execute bits couldn't make any difference. cheers, DaveK -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: HEADSUP maintainers: Packages install scripts without execute permissions
On Jun 22 14:38, Dave Korn wrote: Corinna Vinschen wrote: Hi, Here's the problem: If you exec shell scripts, they should only be run if the user trying to run the script has execute permissions on the script. Shell scripts don't _have_ to be executable, only if you want to launch one as if it were a command, rather than sourcing it. Oh well, I really thought that would go without saying. Yes, sure, you're right. That's at least the case for scripts in /bin or /usr/bin and that's not invalidated by your below objection. Why don't we just remove the -c and get setup.exe to use the simple bash filename syntax meaning treat filename as a text file, open it and pipe it to stdin? I already suggested this on the cygwin-developers ML back in May (*) but it was not discussed overly enthusiastic (**) (***). Corinna (*) http://cygwin.com/ml/cygwin-developers/2009-05/msg00045.html (**) http://cygwin.com/ml/cygwin-developers/2009-05/msg00047.html (***) http://cygwin.com/ml/cygwin-developers/2009-05/msg00050.html -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: HEADSUP maintainers: Packages install scripts without execute permissions
Corinna Vinschen corinna-cygwin at cygwin.com writes: Why don't we just remove the -c and get setup.exe to use the simple bash filename syntax meaning treat filename as a text file, open it and pipe it to stdin? I already suggested this on the cygwin-developers ML back in May (*) but it was not discussed overly enthusiastic (**) (***). Indeed - changing things to be 'bash script' instead of the current 'bash -c script' would make the use of alternative interpreters harder. But it does not make it impossible; you can always do: #!/bin/sh /bin/awk \EOF ... EOF instead of #!/bin/awk ... For that matter, are there any postinstall scripts currently relying on a different interpreter? If not, then I'm in favor of the idea of changing setup.exe to be immune to the execute bit on postinstall scripts, at the expense of making postinstall scripts locked into bash (at least, as the initial interpreter). -- Eric Blake -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: HEADSUP maintainers: Packages install scripts without execute ?permissions
On Jun 22 13:58, Eric Blake wrote: Corinna Vinschen corinna-cygwin at cygwin.com writes: Why don't we just remove the -c and get setup.exe to use the simple bash filename syntax meaning treat filename as a text file, open it and pipe it to stdin? I already suggested this on the cygwin-developers ML back in May (*) but it was not discussed overly enthusiastic (**) (***). Indeed - changing things to be 'bash script' instead of the current 'bash -c script' would make the use of alternative interpreters harder. But it does not make it impossible; you can always do: #!/bin/sh /bin/awk \EOF ... EOF instead of #!/bin/awk ... For that matter, are there any postinstall scripts currently relying on a different interpreter? If not, then I'm in favor of the idea of changing setup.exe to be immune to the execute bit on postinstall scripts, at the expense of making postinstall scripts locked into bash (at least, as the initial interpreter). There can be only *.bat and *.sh files in /etc/postinstall and /etc/preremove. *.bat files are started via `cmd /c file' and *.sh files are started via `bash --norc --noprofile -c file'. So we sort of require a script to be a sh/bash script anyway right now. Admittedly, I did not actually *look* into all postinstall/preremove scripts in the distro. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: HEADSUP maintainers: Packages install scripts without execute ?permissions
On Jun 22 16:09, Corinna Vinschen wrote: On Jun 22 13:58, Eric Blake wrote: For that matter, are there any postinstall scripts currently relying on a different interpreter? If not, then I'm in favor of the idea of changing setup.exe to be immune to the execute bit on postinstall scripts, at the expense of making postinstall scripts locked into bash (at least, as the initial interpreter). There can be only *.bat and *.sh files in /etc/postinstall and /etc/preremove. *.bat files are started via `cmd /c file' and *.sh files are started via `bash --norc --noprofile -c file'. So we sort of require a script to be a sh/bash script anyway right now. Admittedly, I did not actually *look* into all postinstall/preremove scripts in the distro. I just checked the entire 1.7 distro and here's the result: We have not a single package left which uses a .bat file in postinstall or in preremove. That's great, IMHO. And, AFAICS, all of the *.sh fiels are actually some variation of sh/ash/bash script. So I assume it's safe to remove the -c from setup's script starter method. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: HEADSUP maintainers: Packages install scripts without execute permissions
Eric Blake wrote: Indeed - changing things to be 'bash script' instead of the current 'bash -c script' would make the use of alternative interpreters harder. But it does not make it impossible; you can always do: #!/bin/sh /bin/awk \EOF ... EOF instead of #!/bin/awk Yes, but that does seem a bit awkward. cheers, DaveK -- *rimshot* -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: HEADSUP maintainers: Packages install scripts without execute permissions
Corinna Vinschen wrote: So I created a list of packages which install scripts into /etc/preremove, /etc/postinstall, and /usr/bin without setting execute permissions on them. Please guys, fix the permissions ASAP. [...] Christian Franke: ddrescue: etc/postinstall/ddrescue.sh Hi Corinna, The postinstall script is only present in the [prev] release ddrescue-1.8-1 but not in ddrescue-1.9-1. If the script is considered a problem for Cygwin 1.7, I would suggest to simply remove 1.8-1 from release-2/ddrescue. Christian -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple