| delorie.com/archives/browse.cgi | search |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Message-ID: | <0B9EBBE7CA79D7118FD00002B3B2B9B910ECD62D@nm75ex51.das.honeywell.com> |
| From: | "Baksik, Frederick (NM75)" <frederick DOT baksik AT honeywell DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | RE: perlcc and permissions |
| Date: | Sun, 28 Aug 2005 12:41:49 -0700 |
| MIME-Version: | 1.0 |
| X-IsSubscribed: | yes |
> Krzysztof Duleba wrote:
>
> Brian Dessent wrote:
> > > $ ls -l foo.pl
> > > -rwx------+ 1 Administratorzy Brak 34 Aug 28 16:29 foo.pl
> > >
> > > I guess that in strict mode the file should not be readable by me.
> > > However, cat and perl can read it without problems.
> >
> > I don't know why perlcc complains when perl does not. But the above
> > statement is not necessarily true. The "+" in the last
> column of the
> > permissions means that there are extended ACLs that cannot
> be mapped
> > to the simple posix "rwx" scheme.
>
> $ getfacl.exe foo.pl
> # file: foo.pl
> # owner: Administratorzy
> # group: Brak
> user::rwx
> group::---
> group:SYSTEM:rwx
> mask:rwx
> other:---
>
> Krzysztof Duleba
>
Thanks for the diversion...
This is what I found for me.
e728075 AT DAS-FBAKSIK ~
$ groups
Domain Users Administrators Power Users Users
e728075 AT DAS-FBAKSIK ~
$ ll new.pl
-rw------- 1 Administrators Domain Users 22 Aug 28 13:04 new.pl
e728075 AT DAS-FBAKSIK ~
$ getfacl new.pl
# file: new.pl
# owner: Administrators
# group: Domain Users
user::rw-
group::---
mask:rwx
other:---
e728075 AT DAS-FBAKSIK ~
$ perl -ne 'print "hi: ", $_' new.pl
hi: print "hello world\n"
e728075 AT DAS-FBAKSIK ~
$ perl -e 'unless ( -r new.pl ) { print "can not read\n"; } '
can not read
The command /usr/bin/perlcc is actually a perl script that performs the -r
check to test if it can open the file. Therefore you get this...
e728075 AT DAS-FBAKSIK ~
$ perlcc new.pl
/usr/bin/perlcc: Cannot read input file new.pl:
but cat and perl can actually open the file, for example
e728075 AT DAS-FBAKSIK ~
$ cat new.pl
print "hello world\n"
So when perl does the -r check, it is correct based on the POSIX permissions
because your UID is not the same as the Administrators UID you should not be
able to open the file. But when any program actually attempts to open the
file windows ( or is it cygwin ) will let it be opened.
but, if I change ownership of the file to something else then I won't be
able to open it anymore.
e728075 AT DAS-FBAKSIK ~
$ ls -l new.pl
-rw------- 1 sshd Domain Users 22 Aug 28 13:04 new.pl
e728075 AT DAS-FBAKSIK ~
$ cat new.pl
cat: new.pl: Permission denied
I guess this would be one of those holes between window's ACLs and trying to
map it to POSIX permissions. I'm sure someone else can explain better.
--
Frodak
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |