Mail Archives: cygwin/2004/08/08/12:20:15
On Sat, Aug 07, 2004 at 11:04:43PM -0700, Fish wrote:
>
> Pierre A. Humblet wrote:
>
> > setup is a Windows program. The files it creates have
> > the inheritable permissions of the parent directory.
>
> Well then it must not be setup that's doing it then. <shrug>
Right. Thanks for the cacls info. What's happening is this:
1) All files created by setup have ACL:
> c:\ BUILTIN\Administrators:(OI)(CI)F
> PIGFUCKER\Friends:(OI)(CI)F
> NT AUTHORITY\SYSTEM:(OI)(CI)F
Note that neither you personally, nor the standard group, Users,
nor Everyone has any access. So ls -l shows no permissions and
a "+". Nonetheless you have full access because you are in Admins.
2) When the sh postinstall scripts run (with ntsec), they create
files according to POSIX rules. The owner is you. Fish, the group
is Users.
3) Files that are created from scratch (e.g. /etc/passwd) have OK
permissions.
4) However man.sh and base-files-profile.sh (and perhaps others) use
cp, which copies the (umasked) permission bits from the source
file, ignoring the acl. Thus you have no access to the files
copied from /etc/defaults.
What should be done? I see two avenues.
a) One could run the postinstall scripts (except those that chown
or chmod) with nontsec. They would then create files with the normal
Windows inheritance rules and one would have uniform permissions
for all files, whether created by setup or by postinstall scripts.
b) Scripts that use cp should create an empty destination file before
doing the cp (or call chmod after cp, or set nontsec before cp).
Pierre
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -