Sys.isexecutable() unreliable on Windows

[staticfloat]

The current implementation of Sys.isexecutable() is broken on Windows; it does not properly query the relevant ACLs, and simply returns true if the file exists.

It is necessary for us to emulate the proper behavior here as git tree hashing requires knowing if a file is executable or not, and the native git tools on Windows do "the right thing", so in order to hash to the same value we will need to do the right thing as well.

The logic to do this is complex, but reducable. An example from cygwin is given here: https://github.com/Alexpux/Cygwin/blob/9c84bfd47922aad4881f80243320422b621c95dc/winsup/cygwin/sec_acl.cc#L636-L644

[musm]

@staticfloat I have a solution here, utilizing SHGetFileInfo (https://docs.microsoft.com/en-us/windows/win32/api/shellapi/nf-shellapi-shgetfileinfoa) By obtaining the file's SHGFI_EXETYPE (https://docs.microsoft.com/en-us/windows/win32/api/shellapi/nf-shellapi-shgetfileinfoa#return-value)

It can provide fine grain information on whether the file is:

Windows application.
MS-DOS .exe or .com file
Console application or .bat file

I didn't really look at the logic here, but it seems much complex than using the Windows API directly:

The logic to do this is complex, but reducable. An example from cygwin is given here: https://github.com/Alexpux/Cygwin/blob/9c84bfd47922aad4881f80243320422b621c95dc/winsup/cygwin/sec_acl.cc#L636-L644

Should I open a PR with the stated changes?

[StefanKarpinski]

@vtjnash, does this seem like a reasonable approach to you?

[staticfloat]

If the docs are accurate then yes, this does seem reasonable to me. Good find, @musm! I think a small PoC would be really helpful to both myself and Jameson, and doesn't look too hard to put together.

[musm]

I can just open a PR with a working implementation which I am close to finishing

[vtjnash]

This would require having the isexecutable check calling the AccessCheck function (https://docs.microsoft.com/en-us/windows/win32/secauthz/verifying-client-access-with-acls-in-c--). We could also implement this in uv_fs_access, and then use that as a cross-platform solution.

[staticfloat]

@vtjnash which would you prefer I do? I know you have performance concerns about this, would you prefer that we do this in C whenever we call uv_fs_access() or should it be controllable from Julia somehow?

[vtjnash]

Oh, I don't care about performance of this. If you mean TOCTOU, this is instantly invalid, so it could never be never fast enough. Implementation in C might be easier because it takes so many arguments, or maybe not.

[staticfloat]

Okay; I'll work up a patch to libuv and request your attention when it's ready