Mail Archives: cygwin/2005/09/15/03:55:31
On Sep 14 19:42, Dave Korn wrote:
> ----Original Message----
> >From: Shankar Unni
> >Sent: 14 September 2005 18:55
>
> > Eric Blake wrote:
> >
> >> You'd better check the permissions there. What does
> >> 'getfacl /cygdrive/c/oracle/product/10.1.0/db_1/bin/EXP.EXE'
> >> show?
> >
> > [~] 7. getfacl /cygdrive/c/oracle/product/10.1.0/db_1/bin/EXP.EXE
> > # file: /cygdrive/c/oracle/product/10.1.0/db_1/bin/EXP.EXE
> > # owner: shankar
> > # group: None
> > user::---
> > group::---
> > group:root:rwx
> > group:SYSTEM:rwx
> > mask:rwx
> > other:---
> >
> > Not being terribly familiar with facl's, I'm unsure as to how to read
> > this. But I am listed as the owner. And I'm also a member of the
> > Administrators group on my system..
>
>
> Fascinating fact of the day #2387: The 'doze "Administrators" group does
> in fact _not_ have full and un-ACL'd access to everything. Only
> NT_AUTHORITY\System can do that.
No, not even SYSTEM has this right. If you remove read permission for
SYSTEM on your .ssh/authorized_keys file, you'll be unable to ssh into
your box using pubkey authentication. I think that's really crazy, but
nobody has asked for my opinion, apparently...
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -