This is the mail archive of the cygwin-apps mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: HEADSUP maintainers: Packages install scripts without execute permissions


On Mon, Jun 22, 2009 at 09:45:12AM -0400, Ken Brown wrote:
>On 6/22/2009 9:12 AM, Corinna Vinschen wrote:
>> Here's the problem:  If you exec shell scripts, they should only be run
>> if the user trying to run the script has execute permissions on the
>> script.  This requires to check for executability in Cygwin, but as of
>> today, such a check isn't performed in Cygwin.
>> 
>> I have the patch for this ready, but I found that it would potentially
>> break a couple of packages which have not set execute permissions on
>> some of their script files.
>> 
>> As you should know by now, setup for Cygwin 1.7 will set POSIX file
>> permissions for the files extracted from the tar archives.  That means,
>> all scripts which don't have execute permissions set, will also not have
>> execute permissions set after the user installed them.  That's bad.
>> 
>> So I created a list of packages which install scripts into
>> /etc/preremove, /etc/postinstall, and /usr/bin without setting execute
>> permissions on them.  Please guys, fix the permissions ASAP.
>
>Users who have existing preremove scripts without execute permissions
>will still have problems if you change setup.exe to check for this,
>won't they?

Doesn't setup.exe invoke preremove/postinstall shell scripts via "bash
foo.sh"?  You don't need exec permissions for that.

cgf


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]