This is the mail archive of the
mailing list for the Cygwin project.
Re: HEADSUP maintainers: Packages install scripts without execute permissions
- From: Christopher Faylor <cgf-use-the-mailinglist-please at cygwin dot com>
- To: cygwin-apps at cygwin dot com
- Date: Mon, 22 Jun 2009 10:33:30 -0400
- Subject: Re: HEADSUP maintainers: Packages install scripts without execute permissions
- References: <4A3D1570.firstname.lastname@example.org> <20090622094310.GN5039@calimero.vinschen.de> <20090622131224.GA19418@calimero.vinschen.de> <4A3F8AE8.email@example.com>
- Reply-to: cygwin-apps at cygwin dot com
On Mon, Jun 22, 2009 at 09:45:12AM -0400, Ken Brown wrote:
>On 6/22/2009 9:12 AM, Corinna Vinschen wrote:
>> Here's the problem: If you exec shell scripts, they should only be run
>> if the user trying to run the script has execute permissions on the
>> script. This requires to check for executability in Cygwin, but as of
>> today, such a check isn't performed in Cygwin.
>> I have the patch for this ready, but I found that it would potentially
>> break a couple of packages which have not set execute permissions on
>> some of their script files.
>> As you should know by now, setup for Cygwin 1.7 will set POSIX file
>> permissions for the files extracted from the tar archives. That means,
>> all scripts which don't have execute permissions set, will also not have
>> execute permissions set after the user installed them. That's bad.
>> So I created a list of packages which install scripts into
>> /etc/preremove, /etc/postinstall, and /usr/bin without setting execute
>> permissions on them. Please guys, fix the permissions ASAP.
>Users who have existing preremove scripts without execute permissions
>will still have problems if you change setup.exe to check for this,
Doesn't setup.exe invoke preremove/postinstall shell scripts via "bash
foo.sh"? You don't need exec permissions for that.