| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=QJTFIzvAEv8qP1ma9Rb0YB64fLgWWGe3Tu72pP24Rnxf0X24zpgAK | |
| 74huZS4uulEwd2hH+FfiAm/B8qi42iWMxox0/+gCk/zhePjl1PY3dAGSoR5BiBxX | |
| erYALNNJQe8Z0OLdsVQypT8fo1obBkAXqB+rgAzADMsAh+99ov0vS8= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=LWm07OiSNFK1p10Jb5HSZSsWYJk=; b=mXPKenPVyHjGzKqQs4uO3JnLYEzj | |
| aTd7PfL7OB0srUNfGRR6NPyp5zaFVY+cE7iukyIDXi+cehCw9j+kQnwFYAqm1F9N | |
| djb74d2p2qFI2LLlrmJjRRiiVY0GGf/f7OBcPzTG7MdGeB2pvikTnn0fxcvbqlOE | |
| OGPhsyDu2mt9zbQ= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Tue, 10 Feb 2015 10:21:22 +0100 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: group permissions |
| Message-ID: | <20150210092122.GA15989@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <54D7EB4E DOT 6020105 AT towo DOT net> <20150209091445 DOT GA10457 AT calimero DOT vinschen DOT de> <54D91687 DOT 8090301 AT towo DOT net> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <54D91687.8090301@towo.net> |
| User-Agent: | Mutt/1.5.23 (2014-03-12) |
--FCuugMFkClbJLl1L
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Feb 9 21:20, Thomas Wolff wrote:
> Am 09.02.2015 um 10:14 schrieb Corinna Vinschen:
> >On Feb 9 00:03, Thomas Wolff wrote:
> >>With 1.7.34-6:
> >>>- the fixes in POSIX ACL handling and the effect this has on the stand=
ard
> >>> POSIX group permissions, as well as the accompanying new setfacl(=
1)
> >>> options -b/--remove-all and -k/--remove-default.
> >>>
> >>>Seehttps://cygwin.com/cygwin-ug-net/using-utils.html#setfacl
> >>>andhttps://cygwin.com/faq.faq.html#faq.using.ssh-pubkey-stops-working
> >>>andhttps://cygwin.com/faq.faq.html#faq.using.same-with-rhosts
> >>[...]
> >ls shows the primary group of the file and that's not going to change.
> >The hint that more permissions are given is the '+' sign appened to the
> >permission bits.
> I checked on a Ubuntu system where behaviour is more intuitive by some
> functionally added by chmod; it implicitly modifies the =E2=80=9Cmask=E2=
=80=9D entry to
> achieve exactly the effect most likely to be desired by chmod (showing on=
ly
> the group-relevant output lines of getfacl below):
This is effectively the kernel, not only chmod on Ubuntu. chmod(1)
simply calls fchmodat(2). This always influences the ACL_MASK entry
if there is one.
Here's the problem: Windows doesn't support an ACL_MASK entry, nor
anything even remotely resembling it.
What does that mean for us?
When reading permissions from a Windows ACL, the ACL_MASK entry can only
be computed from the given values. The ACL_MASK entry can not be written.
If Cygwin would like to emulate writing an ACL_MASK entry and the Linux
kernel way of writing an ACL_MASK via chmod(2), there would be two ways
to implement that:
o One way would be to fake the mask value by adding an ACL entry with an
otherwise unused SID. Cygwin already uses an ACE with the NULL SID
(S-1-0-0) to emulate S_ISUID, S_ISGID, S_ISVTX, the latter of which
actually works, the first two just being fake. We could use the NULL
SID for ACL_MASK as well.
However, this fake is somewhat dangerous. The current implementation
computes the mask value and adds it to the group permissions, because
that reflects reality much better than the old implementation. The
permissions on the files *are* open to other users and thus a
security- conscious, but not ACL-aware application like SSH should
now. If we fake ACL_MASK as described above, we're not better off
than with the old implementation. The NULL SID would just fake tight
permissions, in reality the permissions are still open.
o The other way to emulate writing an ACL_MASK entry would be to drop
permissions from all groups and secondary users so they match the
desired mask value. This is secure, but in contrast to the other
solution it would change the secondary permissions permanently.
Changing the mask back would not change the permissions of the
secondary ACL entries back.
And a third one, which just occured to me after writing the above:
o Cygwin could emulate the mask by adding an Access-denied ACE for the
authenticated user SID (S-1-5-11) right after the primary group entry.
The permission in this ACE are the x'or value of the permissions
given in the mask. Such an ACL would basically look like this:
primary user rw-
primary group r--
S-1-5-11 -wx deny
some-group1 rwx
some-user2 rw-
Everyone r--=20=20=20=20=20=20=20=20=20=20
The effect would be almost (bit not quite exactly) as if a mask
value of 'r--' is given. Since the other groups and users are
authenticated users, this would effectively disallow them the
access denied by our "authenticated user mask".
If the authenticated user SID doesn't work as desired, the fallback
would be Users (S-1-5-32-545).
I'm open to discuss this further. It needs implementing, of course.
Corinna
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--FCuugMFkClbJLl1L
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBAgAGBQJU2c2SAAoJEPU2Bp2uRE+gZs8P/jQX65jjgWg2vOfQoFvLt9uz
dQGBY+cnxEU2aEok36mhIadUbTo0DYgYwvPphX4qwxU9DiPtH4rSLGj7ZA8NvG6h
RRKXNRfkItSmI0zjLCOGGTnFgUsgow/M2+TgUW0i3OGX2mEnrF7iTBWVimc1QHDg
hiDWh0DA/NtJb4aYoDufgQTxJaHoHssTTgBTvzsBRsjGlAIP8MWm7R4EoeSLw6y9
STg1b2ElJ6Ywlo3HFe8YAfbRR63agFtFP8rmHIYYZP2WahBNnkzG5QUCQ5EkAm/i
AepB0DHuJ5uRbf6cfYkHtkqTnz58PWL+Evf2il1rkFEc6Zv6mKSBFJ4ODEYEinNI
nTXB4FSbmlYQAIse4yl4WJebUT0DeTuR26/AgwG0P+jNOebt66gbQUs5akr9Xi93
3gKT2pzJsbEYH9acd52GzKM/tPrRDZxPlcs0eXTni1z+ybQPVsuGUbMYY/5hot//
d33yHomg7+MBfc7NDr3KjFlvwwnBRbZOrWzYM4lMQkobOxIpZTjWOFECpjOIGDj3
LKlXCUEo4uAsYqbKRhVnd7nilFNjseasiZbFmJhOrdrpZSdVADdzxYI+c3Pi6+V6
Yknrli1tHLosmYcBIzhk4okm+1p9NWsChiAPMiVe1R3m2d0vWBW38ZNIJL1kRpch
JFOjImRj5KqKO63U91G2
=JvvO
-----END PGP SIGNATURE-----
--FCuugMFkClbJLl1L--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |