| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=JiRwaflgkQl1J8oVlxAmqBgtrBkKLLllh+IAXoeWuk1ZZmv+0he8D | |
| YO5o6lrVKVrFRavUwyDIdU2QLVMp1F9ik6ElXkH51zpYrFkzozHtIhhfLrtm5fcv | |
| OViXSUucJinZPYCl7LS9qEwlIpKo5TX+Emu606LnHu/7cm45BPm+XY= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=+GuNv0oiMJYrZvVLYsjrooHDNjM=; b=AlaCnFhBEuYrRPg1Xkf/CaQOdXDP | |
| 1DTzldCfDV8AvHEcMslKooJVASmwhxPZUaRFrmGhBJ1I24T1J8V5BvokYDp2o6mG | |
| Qkr89GyyEGUEMmjP5pvQdtGpicY/ysgG0ZmvfBnFIgsZxQnJUVf9+tNZX9br4DqY | |
| KFW8c4MnoxRFZsA= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-5.0 required=5.0 tests=AWL,BAYES_20 autolearn=ham version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Fri, 27 Feb 2015 10:17:11 +0100 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Too Many Permissions Stripped In 1.7.35? |
| Message-ID: | <20150227091711.GJ11124@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <54F00036 DOT 8050509 AT gmail DOT com> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <54F00036.8050509@gmail.com> |
| User-Agent: | Mutt/1.5.23 (2014-03-12) |
--NgG1H2o5aFKkgPy/ Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Feb 26 21:27, random user wrote: > Regarding Corrinne's proposal to treat SYSTEM's ACE distinct from others > in forming the apparent group permission "mask": >=20 > Might it be sensible to do somewhat similar for the case where a file's > owner is the same as its primary group (i.e., same SID)? It has seemed > the chmod behavior for this case has long been what's proposed (at least > for the typical case of a chmod leaving the user with wider privileges > than the group), but the group permission bits have appeared set to ls > and other tools. It would seem to help re ~/.ssh and other cases that > are checked by programs wanting there to not be any group permissions. Good point. Right now the group permissions are =3D=3D owner permissions in the case the owner and group are the same. Maybe it would be better to remove all group permission bits if owner SID =3D=3D group SID instead.=20 Either way it's a bit puzzeling for the user because a chmod on group permissions has no effect, but the 0 group permissions would help security-conscious applications along. And it would be neither exactly a lie, nor more insecure. Hmm... > (Less sure I think this is really a good idea, but it'd seem consistent > with treating SYSTEM this way given the standard default ACLs on > /c/Users/<user>): Should Administrators be treated the same as SYSTEM? Nooooooo!!!1!!11! This is exactly what I was concerned about when I formulated my yesterday's suggestion to special-case SYSTEM. There's no end to all the special casing if we start with it. Administrators is a group is a group is a group. Just like any other group. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --NgG1H2o5aFKkgPy/ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJU8DYXAAoJEPU2Bp2uRE+g5h4P/ifRK20qY628VtC8OsRTMDYX 7VblpH/y6CRsqG9jkAOQgLN6mAiZc/ctWgdDh+f6V1M1E4zHwfzD6KWa8vmL9WMI 8JaHcZ75FwEgAY/HWVyMQHaUurMS2/MuyjdnH9bWtspnHXGBaWDTBSkeoScSSjef vliEVcgI60Dlnk3srejGDYg4uj78jJ/dp1xDjdTpQMBYvYL5lp5cBrZ/hoG1jLvn tpWxr4uuspj3yIkVYVjgEvBBvJrmfLky1f/b0dAWhYviutxhi7bXjs1G/98f3QtD nL0mUJNd9OQ4uRYocgiPFCdtRTYpVObXKtOwma8pNEMh6m79mwbV1XamJRJsD10X xCffBPBxBgFFxxCadr6N/rsscsOqg/o3WZRYkyTApMqwd8g0jwni3mIAts+ZiuFM 56gm3NRqbG5yuR6kldZlyGSAgghbvI/7MntI3YBqgbcGc8Wj8FjaoAIjojrfGu+i pNF/4yoUhQC4RRVPe4B3dKH2eDqyu/Sz8Ge8A0U5Z29lW+HtN/ORCEKJzb9YFbnj VHYRQ36t9sg8/uUXDsd2XpPVaJDWDjXm+M4yf/6iGMYdJpe8t6aWgAoV/6G81GoE XG0j7/khVh2WJhpyn6CmBIHYyOgfmXcNi4xQBN4oIsGMiVKnlOxSI+vSbEuhl6TE d4KlJjcxONF/dImbVRzo =2YwW -----END PGP SIGNATURE----- --NgG1H2o5aFKkgPy/--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |