This is the mail archive of the
mailing list for the Cygwin project.
Re: HEADSUP maintainers: Packages install scripts without execute permissions
- From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
- To: cygwin-apps at cygwin dot com
- Date: Mon, 22 Jun 2009 16:04:21 +0200
- Subject: Re: HEADSUP maintainers: Packages install scripts without execute permissions
- References: <4A3D1570.firstname.lastname@example.org> <20090622094310.GN5039@calimero.vinschen.de> <20090622131224.GA19418@calimero.vinschen.de> <4A3F8AE8.email@example.com>
- Reply-to: cygwin-apps at cygwin dot com
On Jun 22 09:45, Ken Brown wrote:
> On 6/22/2009 9:12 AM, Corinna Vinschen wrote:
>> Here's the problem: If you exec shell scripts, they should only be run
>> if the user trying to run the script has execute permissions on the
>> script. This requires to check for executability in Cygwin, but as of
>> today, such a check isn't performed in Cygwin.
>> I have the patch for this ready, but I found that it would potentially
>> break a couple of packages which have not set execute permissions on
>> some of their script files.
>> As you should know by now, setup for Cygwin 1.7 will set POSIX file
>> permissions for the files extracted from the tar archives. That means,
>> all scripts which don't have execute permissions set, will also not have
>> execute permissions set after the user installed them. That's bad.
>> So I created a list of packages which install scripts into
>> /etc/preremove, /etc/postinstall, and /usr/bin without setting execute
>> permissions on them. Please guys, fix the permissions ASAP.
> Users who have existing preremove scripts without execute permissions
> will still have problems if you change setup.exe to check for this,
> won't they?
If the affected packages are replaced before we install a new Cygwin
DLL, which correctly checks for execute permissions, the preremove
scripts would be replaced with the ones with correct permissions
before the problem actually starts to become visible.
I don't understand how you suggest to change setup.exe. In theory, it
could change permissions of scripts in /etc/preremove and
/etc/postinstall on the fly while installing them, as it already does
for *.exe files. It could do the same also for .dll files, btw.
Is that what you mean?
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com