| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=AuHvvKKdhd07mZYUpqSobwxRFB+Rk3jhjdJokzG3XoMk/2j+Zqyop | |
| lZgKenYsHramjayyCtnvlES8JNMyjoCTzUPLxB1cQPEJ+5y4rIzJgmfSTDjaLX9f | |
| Y65ymOjakeZfNxYNQZbaB24YkylUlRjS/fz5knPpSv4gC8Xtl1reP0= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=XsV8euaTO0Ht/qvJqvVgCTguGTM=; b=c6+QbhDm4pLpTNZmHS+TaUW8VltO | |
| PanLE0wQHoztA9VnYn9826XOpbK/qGHOJZksNFmbVPO4dXYr/Z4kSWWS2+6VGL4n | |
| J5043eSQ8qI75m64MDccb996DrZHeqqFFJZrUpYhwMFbKZJ405+zhQHHDnDpU4pL | |
| Wnof7zHdxUdw3nE= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Mon, 13 Oct 2014 10:07:25 +0200 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Necessary To Query SACL Information? |
| Message-ID: | <20141013080725.GY2681@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <CADi7v6J5xOcDuv=4aODLswMBSDLaAcNXs5yCM=WBsqbsrLV+zg AT mail DOT gmail DOT com> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <CADi7v6J5xOcDuv=4aODLswMBSDLaAcNXs5yCM=WBsqbsrLV+zg@mail.gmail.com> |
| User-Agent: | Mutt/1.5.23 (2014-03-12) |
--pP0ycGQONqsnqIMP Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Oct 12 20:37, Bryan Berns wrote: > I noticed when I launch an executable, Cygwin queries SACL information > on the executable (which I can see in Process Monitor as a > 'QuerySecurityFile' operation). On some of my protected file servers, > this generates a failure audit. Looking at the source code, I'm going > to guess this might be from the NtQuerySecurityObject call in > security.cc which requests SACL information by asking for for > ALL_SECURITY_INFORMATION. Does Cygwin really need to query this > information? Aside from keeping my audit logs clean, it seems like it > might be an opportunity for optimizing the executable launch process > if Cygwin doesn't really need this (or some of the other information > that ALL_SECURITY_INFORMATION provides). As you found out yourself, Cygwin only reads and writes the owner/group information and the DACL. Accessing this information is required for POSIX permission handling, e.g. stat(2), chmod(2), chown(2), acl(2). Also, creating a file with open(2) requires to write the DACL to create valid POSIX permissions for a file. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --pP0ycGQONqsnqIMP Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUO4g9AAoJEPU2Bp2uRE+gkMIP/0plEUxqVmtHySmU8ZNmYp4S ff9seDcivQ33OmqZJzsNlBttedRgTQ1fB+9zY4RYBJujA51dGKhRhNHWhoaznqai AMlkeEiy1cVBBDvv12/Y4CkfjiWQjzcPHIiVGkLt2OEmPKKw/Xk6e3RvKlEMUGTW bYqq5DX5ecb/s+42kMWAog1L2j8ovVb2ANJJWv9bQ49FUmeQMstjl+oMO4EKfbBL FhQvtTpgju1eAm/xrzYTA1QBtpiU+fvn/tpW/wCiW5gmPHlvVhgoESQ+bd+f2Xi6 zHAcunhqTkQxlL+ud3tX9vmgD+nUm+YJ0Ydcd4Hypifgo30BYTvAl6VAq+OTtNXW tdfSHo3hWvDwkGpAvmi3EIL4WopmbUy+fcQ/kh2Og50zYBKNiQE2/snCkSgCBrFi sebSduLJ91ODWHgppGxreWvTIMluiVVz6z/g1zJbe41k3gVxxRJxB+nRkwaY482d c84VRzbBvhOXryP5JYy0VRh1oNzbpMycoXeTlhHS/x3K6dZ0mZ8nAYfNRUSxQgRM yr16yrGPq5EqbDJk/gcVy42SjEvCgEfR9cFfVh76iKZtvBpUtKNCopP1bZs5Ccl3 H5oIJwy29k7X3p2/N0O5KXXKGuLvBPwm1+Ff4RNECUFbULsIUe23mwXLiHtiReK4 dzRE4clgyN+TTdu3VNrd =gOlA -----END PGP SIGNATURE----- --pP0ycGQONqsnqIMP--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |