Re: [RFD]: Execute permission for DLLs?

[Egor Duda <deo at logos-m dot ru>]

Hi!

Tuesday, 31 October, 2000 Christopher Faylor cgf@redhat.com wrote:

CF> On Tue, Oct 31, 2000 at 11:47:07AM +0100, Corinna Vinschen wrote:
>>On NTFS partitions, NT/W2K require the execute permission for DLLs to
>>allow loading a DLL on process startup.
>>
>>That's no problem unless a person using `ntsec' gets a tar archive
>>packed by a person not using `ntsec' or packing on a FAT partition.
>>Since Cygwin fakes the execute permission only for the suffixes
>>"exe", "bat", "com", DLLs are treated as non executable by the
>>stat() call when `ntsec' isn't set.
>>
>>When a person using `ntsec' unpacks that tar archive, the start of
>>an application which requires one of the DLLs from the archive will
>>fail with the Windows message
>>
>>  "The application failed to initialize properly (0xc0000022)"
>>
>>which isn't that meaningful for most of the users.
>>
>>To solve that problem we would have to do a simple step. Fake
>>execute permissions for DLLs when `ntsec' isn't set or the file
>>system doesn't support ACLs (FAT/FAT32).
>>
>>Thoughts?

CF> Are you saying that we *always* turn executable permissions on when
CF> we create a DLL file on NT?  That makes sense to me.

i've  understood  it  a bit differently. i think Corinna wants to turn
executable   bit   on  when  _creating_ tar file on "bad" system which
do not support ntsec, not when unpacking it on ntfs+ntsec system.
Turning  executable  permissions on when creating dll is solution too,
but  for  which  user will you turn in on? for everyone? i don't think
it's  a  right thing from security point of view. for owner and group?
then   you won't solve original problem.

Egor.            mailto:deo@logos-m.ru ICQ 5165414 FidoNet 2:5020/496.19