Mail Archives: cygwin/2008/09/30/12:34:48
On Sep 29 18:52, Corinna Vinschen wrote:
> On Sep 9 07:47, Barry Kelly wrote:
> > Unfortunately, Cygwin creates an ACE for the group Everyone, even with
> > umask 0077, or after chmod 0700 is applied. Specifically, this is what
> > it looks like using cacls:
> >
> > Everyone:(special access:)
> > READ_CONTROL
> > FILE_READ_EA
> > FILE_READ_ATTRIBUTES
> >
> > How can addition of this ACE be controlled or prevented by default for
> > Cygwin applications?
>
> It can't be prevented right now. I added "don't create null
> group/everyone ACEs to file ACLs" on my Cygwin 1.7 TODO list.
Fresh back from vacation I missed the crucial point here. Sorry.
The real answer is: It can't be prevented and there are no plans to add
code to prevent it, since these read permissions are required to get
POSIX-like permissions.
Unless, of course, you go without POSIX permissions entirely. The
setting for this is the "nontsec" keyword in the environment variable
$CYGWIN until Cygwin 1.5.25(*), which has global scope, or the mount
point option "noacl" in /etc/fstab starting with Cygwin 1.7(**), which
has a per-mount point scope. Using nontsec/noacl will result in getting
Windows default permissions instead of POSIX equivalent permissions.
Corinna
(*) http://cygwin.com/cygwin-ug-net/using-cygwinenv.html
(**) Preliminary docs:
http://cygwin.com/1.7/cygwin-ug-net/using.html#mount-table
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -