Mail Archives: cygwin/2015/04/11/06:00:20

Date: Sat, 11 Apr 2015 11:59:58 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: [TESTERS needed] New POSIX permission handling
Message-ID: <20150411095958.GD19111@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <20150410100703 DOT GA4401 AT calimero DOT vinschen DOT de> <87lhhzcarc DOT fsf AT Rainer DOT invalid> <5528E2ED DOT 7090105 AT gmail DOT com>

On Apr 11 11:01, David Macek wrote:
> On 11. 4. 2015 10:47, Achim Gratz wrote:
> > Corinna Vinschen writes:
> >> - To accommodate Windows default ACLs, the new code ignores SYSTEM and
> >>   Administrators group permissions when computing the MASK/CLASS_OBJ
> >>   permission mask on old ACLs, and it doesn't deny access to SYSTEM and
> >>   Administrators group based on the value of MASK/CLASS_OBJ when
> >>   creating the new ACLs.
>
> Out of curiosity, does the code somehow distinguish ACLs that don't
> have these default permissions (or have different permissions set for
> SYSTEM / Administrators)?

I don't quite understand the question.

For a start, I'd like to point out how POSIX ACLs are supposed to work.
http://linux.die.net/man/5/acl is a good start.  This is our role model.

What this new code in Cygwin does is to ignore SYSTEM and Administrators
account in a very specific way:  It ignores both accounts in terms of
the MASK (or CLASS_OBJ in Solaris speak) values in both directions:

- The "new style" ACLs contain an explicit MASK/CLASS_OBJ value.

  If the MASK/CLASS_OBJ value only allows rw- permissions, but a
  secondary user or group account has rwx permissions, Cygwin will
  generate an --x DENY ACE for this group.

  The exception here:  It won't generate this DENY for SYSTEM and
  Administrators.  So even if MASK disallows certain access, SYSTEM and
  Administrators are not affected but get their full set of permissions
  granted by the user or inheritance rules.

- The "old style" ACLs (created by native Windows means or by former
  Cygwin versions) don't have an explicit MASK.  The new Cygwin code
  generates a MASK value on the fly while reading the ACL.  This mask
  value is reflected by the group permission bits in the POSIX
  permission mask.  Since SYSTEM and Administrators often have "Full
  Access" to any object on the filesystem, that means that very often,
  the group permissions are "rwx", because the MASK value is "rwx".

  The new code will compute the mask the same way as before, but it
  skips the permissions of SYSTEM and Administrators while doing that.
  That means, the POSIX group permission bits are not affected by
  the Windows-typical permissions of SYSTEM and Administrators.

  Example:

    User            rw-
    Primary group   r--
    Other user      rw-
    Other group     r--
    SYSTEM          rwx
    Everyone        ---

  The computed POSIX MASK/CLASS_OBJ value in Cygwin 1.7.35 is the sum
  of all group and secondary user permissions

    rw- | r-- | rwx == rwx

  The new code ignores SYSTEM, thus the mask is

    rw- | r-- == rw-

Does this explain it sufficiently?


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
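As an added illustration, not Cygwin's code, the following Python models the MASK/CLASS_OBJ computation described in the message: the union over primary-group and secondary user/group entries, with SYSTEM and Administrators skipped in both directions (no contribution to the mask, no --x DENY). The account names other than SYSTEM and Administrators are constructed.

```python
from dataclasses import dataclass

R, W, X = 4, 2, 1
# Accounts the new Cygwin code ignores when computing MASK and when
# generating DENY ACEs (assumption: matched here by name only).
WINDOWS_ADMIN_ACCOUNTS = {"SYSTEM", "Administrators"}


def parse_perm(s: str) -> int:
    """'rwx' -> 7, 'r--' -> 4, '---' -> 0."""
    assert len(s) == 3
    return (R if s[0] == "r" else 0) | (W if s[1] == "w" else 0) | (X if s[2] == "x" else 0)


def fmt_perm(bits: int) -> str:
    return ("r" if bits & R else "-") + ("w" if bits & W else "-") + ("x" if bits & X else "-")


@dataclass(frozen=True)
class Ace:
    kind: str   # "user", "group" or "other"
    name: str   # "" for the file owner, the primary group, or Everyone
    perm: int


def _covered_by_mask(ace: Ace) -> bool:
    # Per acl(5), MASK covers the owning group and all named users/groups;
    # the owner entry and the other/Everyone entry are not affected.
    return not (ace.kind == "other" or (ace.kind == "user" and ace.name == ""))


def compute_mask(acl, skip_admin=True) -> int:
    """Old-style ACL (no explicit MASK): derive MASK as the union of the covered
    entries.  skip_admin=True is the new behaviour, False the 1.7.35 behaviour."""
    mask = 0
    for ace in acl:
        if not _covered_by_mask(ace):
            continue
        if skip_admin and ace.name in WINDOWS_ADMIN_ACCOUNTS:
            continue
        mask |= ace.perm
    return mask


def deny_aces(acl, mask: int):
    """New-style ACL (explicit MASK): for each covered entry whose permissions
    exceed MASK, return the DENY bits Cygwin would write, except for
    SYSTEM and Administrators, which keep their full permissions."""
    denies = []
    for ace in acl:
        if not _covered_by_mask(ace) or ace.name in WINDOWS_ADMIN_ACCOUNTS:
            continue
        excess = ace.perm & ~mask
        if excess:
            denies.append((ace.name or "<primary group>", fmt_perm(excess)))
    return denies


# The ACL from the message above (constructed names for the secondary entries).
EXAMPLE_ACL = [
    Ace("user", "", parse_perm("rw-")),          # User (owner)
    Ace("group", "", parse_perm("r--")),         # Primary group
    Ace("user", "alice", parse_perm("rw-")),     # Other user
    Ace("group", "staff", parse_perm("r--")),    # Other group
    Ace("user", "SYSTEM", parse_perm("rwx")),    # SYSTEM
    Ace("other", "", parse_perm("---")),         # Everyone
]
```

Running `compute_mask(EXAMPLE_ACL, skip_admin=False)` reproduces the 1.7.35 result `rwx`, and `compute_mask(EXAMPLE_ACL)` the new `rw-`; `deny_aces` with that `rw-` mask emits a `--x` DENY only for a non-admin entry holding `rwx`, never for SYSTEM.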
