Page MenuHome GnuPG
Create Task
Maniphest T7894

libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc
Open, NormalPublic
Actions

Description

Those code have hard-coded /etc, which might not make sense on Windows.

There are some different cases:
(1) For files like /etc/hosts , it should be replaced by the correct path Windows\System32\drivers\etc\hosts
(2) For some configuration files, it should use sysconfdir.
(3) For some specific cases, it should use CSIDL_APPDATA , CSIDL_DEFAULT_APPDATA, or something relevant.

Revisions and Commits

rW Gpg4win
rW0496f61cf429 Create a sysconfdir for Libgcrypt

Event Timeline

gniibe created this task.Thu, Oct 30, 3:06 AM
gniibe mentioned this in Unknown Object (Maniphest Task).Mon, Nov 3, 3:52 AM
werner added a commit: rW0496f61cf429: Create a sysconfdir for Libgcrypt.Mon, Nov 3, 2:58 PM
werner added a subscriber: werner.Mon, Nov 3, 3:05 PM

We already did this for Libgcrypt 1.8 but take care that an installer includig Libgcrypt should run something like

icacls.exe %ProgramData%\GNU\etc\gcrypt /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F" /grant:r "Everyone:R"

to replace the permissions (/grant:r) for everyone, remove any default inheritance, and allow Administrators to write files etc.

werner added a comment.Mon, Nov 3, 3:27 PM

In GnuPG we use CSIDL_COMMON_APPDATA and append "\GNU\etc\gnupg". If this can't be found we use the rootdir, that is he installation directory of the binary or one up if installed below a bin directory. The reason for using GNU and not POSIX or Unix is merely to avoid name clashes with other software ported to Windows. There was no real standard for this on Windows.

Note also that for GnuPG it is possible to change that directory by installing a file gpgconf.ctl alongside of gpgconf.exe. I do not think that we should put this feature into a the other modules.

Note that %SystemRoot% and probably also some CSIDL expands to the c:\Windows - that should be used as base for System32/drivers/etc .

werner added a comment.Mon, Nov 3, 3:29 PM

For argparse we use /etc as a default but applications may use gpgrt_set_confdir to set a different one. Howeever if we already have a new get_sysconfdir function, it is easy and useful to change the default on Unix.

werner triaged this task as Normal priority.Mon, Nov 3, 4:47 PM
werner added projects: gpgrt, scute, libgcrypt.
gniibe added a comment.Wed, Nov 5, 7:44 AM

For gpgrt/argparse this could be an option (to remove hard-coded /etc):

gpgrt-argparse-no-hardcoded-etc.patch1 KBDownload

werner added a comment.Wed, Nov 5, 3:49 PM

I think this is correct even on Unix in case someone really uses /usr/local/etc (which I consider problematic). But for Windows we need to determine this at runtime.

Maybe we can have an extended version of gpgrt_fnameconcat which allows to use the susconfdir or some other standard directory. Such a a function may also be useful to just get that standard directory. For example

gpgrt_fnameconcat_new (GPGRT_SYSCONFDIR, "gcrypt", "random.conf", NULL);

which would result under Unix to /etc/gcrypt/random.conf. By using some other constant we would also fold the exsting to functions fnameconcat and absfnameconcat into one. For example a constant like GPGRT_ROOTDIR would be the same sas gpgrt_absfnameconcat and a constant value of 0 be gpgrt_fnameconcat. What about a gpgrt_fconcat ?