delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2015/04/02/11:35:35

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:reply-to:message-id:to:subject
:in-reply-to:references:mime-version:content-type
:content-transfer-encoding; q=dns; s=default; b=c3EcQZ0hUXU+zOO9
6BaWSrGbZknzBvyHAibyB5DoYMtSY4K/pwtv0nRiFeiJk0kv1Qx89ckL4dwiA80i
YKQXjizimLwkDVbHcJ2OiJjG+RGxqY4FUE7HWqGucJBTrq3ajgGubMZueSoooCtj
AK6lD+rcv+QvbGXpy0k8MVfheSE=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:reply-to:message-id:to:subject
:in-reply-to:references:mime-version:content-type
:content-transfer-encoding; s=default; bh=oog/bkATBXhg96NO2B9oux
iPwjo=; b=c98fL4tdoQOx+RozyiM0MhaMp9gaLwGumWe/VxQpCXJjA0kHaLae+S
xpq1QWgwypQ+DKrHxTqB3SJwq1MZ3ygY4b/sJ08SS5lHD/ukRh8yiu2VS2PqcHHc
e2hd8QoKR8hYk+nttEp1yDNeFFS9p+BOq7awLzacU71ne1++uqGbo=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-3.0 required=5.0 tests=AWL,BAYES_60,FREEMAIL_FROM,KAM_THEBAT,SPF_SOFTFAIL autolearn=no version=3.3.2
X-HELO: smtp.ht-systems.ru
Date: Thu, 2 Apr 2015 18:31:53 +0300
From: Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To: cygwin AT cygwin DOT com
Message-ID: <1876247786.20150402183153@yandex.ru>
To: Bryan Berns <bryan DOT berns AT gmail DOT com>, cygwin AT cygwin DOT com
Subject: Re: File Permissions - Yet Another Question / Clarification
In-Reply-To: <CADi7v6+T7Wg=JncC2K-SWANkG6xKL+Z0Y+4azRLs1S8s-YXwdw@mail.gmail.com>
References: <CADi7v6K6Xbz3JYB-=JC23YMCEHzhmV3sSOAtcE73ydTecbcR-Q AT mail DOT gmail DOT com> <152755247 DOT 20150401232333 AT yandex DOT ru> <CADi7v6L0LyBSMRHWpWkcRPv-9=mZQLMTOPcyLO_k8kujV=ypTQ AT mail DOT gmail DOT com> <402200952 DOT 20150402043205 AT yandex DOT ru> <CADi7v6+T7Wg=JncC2K-SWANkG6xKL+Z0Y+4azRLs1S8s-YXwdw AT mail DOT gmail DOT com>
MIME-Version: 1.0
X-IsSubscribed: yes 

Greetings, Bryan Berns!

> I'll try to reproduce the issue on a standard NTFS volume -- although
> I would image Cygwin is just decoding the same DACL that ICACLS is
> returning.  The other oddity is why it's not recognizing *me* as
> having any permissions.

getfacl may shed additional light.

> In the particular case of SSH, is there any way to make SSH ignore
> these permissions?

Thanks, I laughed.

> I understand the importance / value of the check
> it's doing, but in our situation, it's not necessary...

You never know when it is necessary. Security is a tough mistress.

> and obviously
> causing us pain given the permission weirdness.  Removing the
> administrative groups would be undesirable for us since they assist in
> our administrative team doing home directory moves across sites.

Administrators can access anything they want regardless of permissions, if
they really need to do it.
This is not a valid argument.

And leaving the context out of the reply doesn't help the discussion at all.


-- 
With best regards,
Andrey Repin
Thursday, April 2, 2015 18:29:18

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019