Skip Menu |

This queue is for tickets about the XML-LibXML CPAN distribution.

Report information
The Basics
Id: 44941
Status: rejected
Priority: 0/
Queue: XML-LibXML

People
Owner: Nobody in particular
Requestors: mike [...] mikehat.net
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: Windows distribution ACL bug
Date: Fri, 10 Apr 2009 22:27:46 -0700
To: "bug-XML-LibXML [...] rt.cpan.org" <bug-XML-LibXML [...] rt.cpan.org>
From: Michael Hatfield <mike [...] mikehat.net>
This seems to be confounding plenty of people. The libxml2.dll file is installed with a bad windows file system ACL. The file (<perl>/bin/libxml2.dll) is installed so that it doesn't inherit permissions from its container. The guy who compiled this version, like most other hackers, was an admin on his local machine (probably a Win NT 4 machine at that!), so the problem is easy to miss in testing. However, anyone who tries to use the dll in a real user environment as a non-admin will be frustrated. The dynamic dll loader can't load the library if it's not acting on behalf of the local Administrators group. Libxml2.dll should have its own ACL entries removed and allowed to inherit security from its containing folder. To do this, use the file properties dialog and the security tab. From there it depends on the Windows version, but you should allow inheritance and remove the current access control entries. There are plenty of developer threads generated by this quirk with XML::LibXml. All are driven by the package's libxml2.dll ACL. Please get the word out; the fix for an existing installation is very simple. Thanks for the GREAT library. Being able to use perl and XPath on even the ugliest HTML pages brings a new dimension to the Web. Mike
On Sat Apr 11 01:28:42 2009, mike@mikehat.net wrote: Show quoted text
> This seems to be confounding plenty of people. > > The libxml2.dll file is installed with a bad windows file system ACL. > The file (<perl>/bin/libxml2.dll) is installed so that it doesn't > inherit permissions from its container. The guy who compiled this > version, like most other hackers, was an admin on his local machine > (probably a Win NT 4 machine at that!), so the problem is easy to > miss in testing. However, anyone who tries to use the dll in a real > user environment as a non-admin will be frustrated. The dynamic > dll loader can't load the library if it's not acting on behalf of > the local Administrators group. > > Libxml2.dll should have its own ACL entries removed and allowed to > inherit security from its containing folder. To do this, use the > file properties dialog and the security tab. From there it depends > on the Windows version, but you should allow inheritance and remove > the current access control entries. > > There are plenty of developer threads generated by this quirk with > XML::LibXml. All are driven by the package's libxml2.dll ACL. > Please get the word out; the fix for an existing installation is > very simple. > > > Thanks for the GREAT library. Being able to use perl and XPath on even > the ugliest HTML pages brings a new dimension to the Web. > > Mike
Ok, I assume you are referring to some particular PPM package. Which one? There are many PPM package repositories on the web that distribute XML::LibXML bundled with libxml2.dll and I have no control of them and I do not maintain any binary distribution of XML::LibXML. All I can do is forward your request to a particular packager, once I know which one you are referring to. -- Petr
Closing due to lack of activity.