delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2014/11/13/16:30:33

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:to:subject:message-id:reply-to
:references:mime-version:content-type:in-reply-to; q=dns; s=
default; b=hWf9voTX9VaCXmtLh/Le+i6IraplT35QXyV1INAJAIDnkBbPkS4g/
2EFUSIawceVT1fznPfcaVXsVjgdcPaSoTThPQzW5fgjcIHng4nhYdgwCZBX5oblY
Z2DdPKdx5p5hSZXYANiZ2ci9bC7a0qOw0Ihv57D0lrq7z7acZUTXzY=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:to:subject:message-id:reply-to
:references:mime-version:content-type:in-reply-to; s=default;
bh=9pyHvb/VTlu5pkAGCVSu+1/BgdY=; b=HNQiDeFtBwOYLwfC5Af3UGX2Idsu
KFpFAaRkTcnHVvROvM1ocs+Ry/HPPATxVNDU7s74FYlCQXFRleXmQrd2bwvzqeHC
dJHzSsVRk693bp6m+wBEZr+nUh3mMoBH6jyXSoJo4DLNa3t8A8hBjUw7xHpKP9iN
3zOApF+otgKaKnU=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2
X-HELO: calimero.vinschen.de
Date: Thu, 13 Nov 2014 22:30:05 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: /usr/local, /var and */tmp in c:\Users\Public
Message-ID: <20141113213005.GV2782@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <81578012-FD3F-4463-BC56-ADB092317DD4 AT etr-usa DOT com> <CABa6CEkRV=3FY6ZVGrdt--rH3PppwCJRD5poU0L2knv2k2ce_w AT mail DOT gmail DOT com> <25F385A9-3E2D-44FC-998F-D2672F67DFE4 AT etr-usa DOT com> <m40npq$vrq$1 AT ger DOT gmane DOT org> <ECD073FF-B78C-4D19-8DE1-5F4E390D2495 AT etr-usa DOT com> <20141113093335 DOT GI2782 AT calimero DOT vinschen DOT de> <40005E53-A327-4E4A-8C71-514E505F9FBC AT etr-usa DOT com>
MIME-Version: 1.0
In-Reply-To: <40005E53-A327-4E4A-8C71-514E505F9FBC@etr-usa.com>
User-Agent: Mutt/1.5.23 (2014-03-12) 

--y8OL7jWO5wDKNv+B
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Nov 13 14:09, Warren Young wrote:
> On Nov 13, 2014, at 2:33 AM, Corinna Vinschen <corinna-cygwin AT cygwin DOT com>=
 wrote:
>=20
> > On Nov 12 17:19, Warren Young wrote:
> >>=20
> >> I=E2=80=99m not advocating that step so early, but maybe if this break=
up does
> >> happen, a few years later setup.exe can start applying some strong
> >> ACLs to files it writes.
> >=20
> > ??? What "strong" ACLs?
>=20
> The ones that are not there right now. :)
>=20
> Just to pick a random example:
>=20
> $ ls -l /bin/ls.exe
> -rwxrwxr-x 1 Warren None 116253 Oct 13 10:12 /bin/ls.exe
>=20
> The same file=E2=80=99s permissions, from Windows=E2=80=99 perspective:
>=20
> http://etr-usa.com/cygwin/ls-perms.png

icacls output would be more helpful than a picture.

However, this isn't really a problem.  The group permissions are
apparently faked by Cygwin, they don't reflect the reality.  I just
don't remember why this is done, it's probably old.  Have to check...

> So, just because I installed Cygwin with my regular user account, I
> get permission to rewrite ls.exe.  This is not a good thing, if our
> goal is to make Cygwin work like Linux while working *within* the
> Windows environment.=20=20

> IMHO, the way to meet both goals simultaneously is to put programs in
> c:\Program Files,

No, sorry, but no.  We're certainly not going to turn everything upside
down installation-wise.  If you want Cygwin installed into Program
Files, just change it in the GUI.

> and to give full-control perms to the local
> Administrator account in the SAM case, or possibly the domain one in
> the AD case.

BTDT.  The code is still in Setup, just doesn't run anymore.  The idea
was to install with user and group set to Administator/ Administrators,
but we had some complaints and the code got deactivated.  We can
reactivate the Administrators group, but that still requires to run
Setup elevated.  It doesn't work when running under a non-admin account.

However, the *other* idea is that if you install with an elevated Setup,
your account is an admin account anyway.  Ideally when you install
Cygwin for multiple users, you're using an account you're not using for
daily usage.


Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--y8OL7jWO5wDKNv+B
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUZSLdAAoJEPU2Bp2uRE+g2ukQAJkcKBSyH1SK6iG+moi+UO2P
a+mJk63nC0dmIDb0sjUrhwE4tX0BUdlXkEJugB90bPmrY6NMY9rhGahFM24r9urJ
NIENy0ajEUvV/NtMW/xj+cpmgF/IOx8wtZscL+k4TLoLXI8wG5/DjcbdAshwDRbG
/0Dep9AwuSg78T6J4G6/ub6ISPZ+29egRnuRfhEUVHDys1XR/s7OSDDM0vuyf9OB
qlziXaOOV4c+ILVt5jI+NOXaaxk+0KrB9k8Vs/jFU1x1enpK0+9hT4vLtt9An5d9
4CQUXiU/REbzBakB3UDtMPYKWzyR7dHlYHObNq7Blwfkylof/3DNBgJ1uHq5/0xt
WXVU7yQ7pUU11PuwmN6FN0Pq3+qRwSA6GBke4fa0ia0fVWRYU6WLPr1EqJsv99dK
A9NoYsdZCV2L3XR7v3CLdHQmKeD7hOnTshjTba+VBfzq4h2FEcU1v8XdCucNxQsW
cdri1A5UfUmG4mcLUbg53jOyZiIfTpeyV9+HDKo5lgSA2oWA3Jts4GMnIXPe3fkS
q36RBDo/z3pqx6HTOlJwKYm2b0vtX5GgC52z0fQk/LjdX9+RLDEkvNONM+/v1o12
eMZttkJqjR2W6+3vKwjgvNwo6fQbpxV/MCiYBiWioLWkRWizvW9TrKTIkNF43vxf
OZkTu1hXId0B0v5OT3oi
=0us8
-----END PGP SIGNATURE-----

--y8OL7jWO5wDKNv+B--

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019