Mail Archives: cygwin/2004/04/10/12:13:18
Let's consider the following scenario:
[--- cut ---]
C:\Work\test-facl>setfacl -s u::rwx,g::rwx,m:rwx,o:rwx .
C:\Work\test-facl>getfacl .
# file: .
# owner: Administrators
# group: None
user::rwx
group::rwx
mask:rwx
other:rwx
C:\Work\test-facl>setfacl -m d:u::rwx,d:g::rwx,d:m:rwx,d:o:rwx .
C:\Work\test-facl>getfacl .
# file: .
# owner: Administrators
# group: None
user::rwx
group::rwx
mask:rwx
other:---
default:user::rwx
default:group::rwx
default:other:rwx
[--- cut ---]
Note the "other" entry access rights!
I think the problem is the following: second setfacl should analyse
existing ACE's AceFlags and decide if it has to modify the existing ACE
(if INHERIT_ONLY_ACE is set) or add the new one. It seems that it does not
do that (although I did not look into the sources). So the Everyone's ACE
(other: entry) is replaced with INHERIT_ONLY_ACE (default:other entry)
which effectively prohibits any access.
BTW,
setfacl -s u::rwx,g::rwx,m:rwx,o:rwx,d:u::rwx,d:g::rwx,d:m:rwx,d:o:rwx .
leads just to the same result (no access to the directory for "other" group)
If my analysis is correct, could you fix this?
- Dmitry Bely
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -