delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2009/11/29/15:00:12

X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-2.0 required=5.0 tests=BAYES_00,SARE_MSGID_LONG40,SPF_PASS
X-Spam-Check-By: sourceware.org
MIME-Version: 1.0
In-Reply-To: <20091129143220.GA16680@calimero.vinschen.de>
References: <4B115A56 DOT 2060705 AT alice DOT it> <a13b5a590911281612r796d112bw1208a869433d2b88 AT mail DOT gmail DOT com> <20091129143220 DOT GA16680 AT calimero DOT vinschen DOT de>
Date: Sun, 29 Nov 2009 14:59:55 -0500
Message-ID: <a13b5a590911291159g5f837dbap614105a16adf41ce@mail.gmail.com>
Subject: Re: [ANNOUNCEMENT] [1.7] Updated: cygwin-1.7.0-67
From: Robert Pendell <shinji AT elite-systems DOT org>
To: cygwin AT cygwin DOT com
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com 

On Sun, Nov 29, 2009 at 9:32 AM, Corinna Vinschen wrote:
> On Nov 28 19:12, Robert Pendell wrote:
>> On Sat, Nov 28, 2009 at 12:13 PM, Angelo Graziosi wrote:
>> >
>> > Corinna Vinschen wrote:
>> >>
>> >> Fixes a few last-minute bugs:
>> >
>> > Now, it seems that creating directories and files in some manner acqui=
res an extra unexpected '+' flag. For example (from Cygwin.bat or MinTTY):
>> >
>> >
>> > $ echo "Not " > foo1.txt
>> >
>> > $ echo "Not OK" > foo2.txt
>> >
>> > $ diff -Naur foo1.txt foo2.txt > foo.diff
>> >
>> > $ cp foo1.txt foo.txt
>> >
>> > $ patch foo.txt foo.diff
>> > patching file foo.txt
>> >
>> > $ mkdir foo
>> >
>> > $ ls -lrtd foo*
>> > -rw-r--r-- =C2=A01 ... =C2=A0 5 28 Nov 18:02 foo1.txt
>> > -rw-r--r-- =C2=A01 ... =C2=A0 7 28 Nov 18:02 foo2.txt
>> > -rw-r--r-- =C2=A01 ... 124 28 Nov 18:02 foo.diff
>> > -rw-r--r--+ 1 ... =C2=A0 7 28 Nov 18:03 foo.txt
>> > drwxr-xr-x+ 1 ... =C2=A0 0 28 Nov 18:03 foo
>> >
>> > See the extra '+' for 'foo.txt' and 'foo'!
>> >
>> > I didn't note this with previous version -66, -65...
>> >
>> > Is it to be expected with -67?
>> >
>
> For the directory entry, yes. =C2=A0These additional entries are default
> entries for user, group, and other, generated by code which was already
> in 1.5, and which had been removed from 1.7.0 back in January.
> Unfortunately the removal of these entries result in potentially weird
> permission settings on files within Cygwin-created directories in case
> the files are created by non-Cygwin Windows tools. =C2=A0Therefore I put =
them
> back in -63.
>
> Apart from that, I don't see the extra permissions when creating the
> patched foo.txt. =C2=A0In other words, I can't reproduce it, at least not=
 on
> W7 under UAC.
>
>> Looks like there is a change in permissions with the file during the
>> diff program run. =C2=A0I might run a strace on it if someone tells me t=
he
>> appropriate command to do. =C2=A0Anyways here is the relevant part with
>> icacls before and after the diff command.
>>
>> shinji AT Balthasar ~
>> $ icacls foo.txt
>> foo.txt Balthasar\shinji:(R,W,D,WDAC,WO)
>> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Balthasar\None:(R)
>> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Everyone:(R)
>>
>> Successfully processed 1 files; Failed processing 0 files
>>
>> shinji AT Balthasar ~
>>
>> $ patch foo.txt foo.diff
>> patching file foo.txt
>>
>> shinji AT Balthasar ~
>> $ icacls foo.txt
>> foo.txt Balthasar\shinji:(R,W,D,WDAC,WO)
>> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Balthasar\None:(R)
>> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Everyone:(R)
>> =C2=A0 =C2=A0 =C2=A0 =C2=A0 NT AUTHORITY\SYSTEM:(F)
>> =C2=A0 =C2=A0 =C2=A0 =C2=A0 BUILTIN\Administrators:(F)
>>
>> Successfully processed 1 files; Failed processing 0 files
>>
>> The 2 additional permission lines on the second icacls run is what
>> causes the + to appear.
>
> Indeed. =C2=A0I just don't get how they are generated. =C2=A0I know where=
 they are
> coming from (they are part of the default DACL of the user token), but I
> don't understand how they get into the ACL of foo.txt. =C2=A0For some rea=
son
> this doesn't occur in my testing. =C2=A0I tried in a normal as well as in=
 an
> elevated shell, in a directory created with an older version of Cygwin
> without default entries, as well as in a directory created with a newer
> Cygwin with default entries. =C2=A0In neither case I see the extra entries
> for SYSTEM and Administrators.
>
> What are the permissions of the parent directory? =C2=A0In other words,
> what does "icacls ." print in this scenario?

Here is the output for icacls .

shinji AT Balthasar ~
$ icacls .
. Balthasar\shinji:(F)
  Balthasar\None:(RX)
  Everyone:(RX)

Just so you know I am also running on Windows 7 with UAC enabled and I
am able to fully reproduce the issue.  I am using mintty that is not
elevated.

I figured the directory entry part was normal since I got that in -65
so I never ran icacls on that entry.  Just on foo.txt.

If you need a cygcheck.out then let me know.


Robert Pendell
shinji AT elite-systems DOT org
CAcert Assurer
"A perfect world is one of chaos."

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019