Mail Archives: cygwin/2001/08/02/13:13:18

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2001/08/02/13:13:18

Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT sources DOT redhat DOT com>

List-Archive: <http://sources.redhat.com/ml/cygwin/>

List-Post: <mailto:cygwin AT sources DOT redhat DOT com>

List-Help: <mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>

Sender: cygwin-owner AT sources DOT redhat DOT com

Delivered-To: mailing list cygwin AT sources DOT redhat DOT com

Message-ID: <3B6989B1.7070309@ece.gatech.edu>

Date: Thu, 02 Aug 2001 13:11:13 -0400

From: Charles Wilson <cwilson AT ece DOT gatech DOT edu>

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2) Gecko/20010713

X-Accept-Language: en-us

MIME-Version: 1.0

To: Corinna Vinschen <cygwin AT cygwin DOT com>

Subject: Re: ntsec, passwd, and group issues again

References: <01C11AF9 DOT 641EBF00 DOT jorgens AT coho DOT net> <20010802115301 DOT A23782 AT cygbert DOT vinschen DOT de>

Corinna Vinschen wrote:

> 
> Not really. setup.exe doesn't handle permissions at all.
> Charles Wilson has written a small perl script which can do that
> but I'm not sure how that will go into the next version.
> It hasn't been discussed yet.

Well, it's ugly.  My little shell script can remove the inheritance 
property from a directory -- but that's all.  And sometimes doing that 
causes problem; I've noticed that in some directories after having the 
inheritance property removed, the children (files and dirs) no longer 
have ANY security descriptors and are inaccessible even by their owner.

I had to manually fix these unruly children using the Windows GUI (take 
ownership, reset all permissions, etc).  Unfortunately, every case is 
different. Even on my "single user" box -- just me and 
me-as-Administrator -- different dirs "misbehave" differently.

I really don't think "cleaning up" the colorful mess of security 
descriptors can be done accurately, unless:

you just go with the brute force approach: change ownership of 
everything under cygwin '/' to Administrator.None with perms rw?rw?r-? 
and the bare minimum of "extra" SD's.  But that's NOT something that 
should be done automatically by setup.  Perhaps an executable or shell 
script that users with problems could run -- as Administrator, but it 
shouldn't be a default part of the setup procedure.

--Chuck

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT sources DOT redhat DOT com>
List-Help:	<mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT sources DOT redhat DOT com
Delivered-To:	mailing list cygwin AT sources DOT redhat DOT com
Message-ID:	<3B6989B1.7070309@ece.gatech.edu>
Date:	Thu, 02 Aug 2001 13:11:13 -0400
From:	Charles Wilson <cwilson AT ece DOT gatech DOT edu>
User-Agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2) Gecko/20010713
X-Accept-Language:	en-us
MIME-Version:	1.0
To:	Corinna Vinschen <cygwin AT cygwin DOT com>
Subject:	Re: ntsec, passwd, and group issues again
References:	<01C11AF9 DOT 641EBF00 DOT jorgens AT coho DOT net> <20010802115301 DOT A23782 AT cygbert DOT vinschen DOT de>