Mail Archives: cygwin/2015/04/23/14:45:18

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2015/04/23/14:45:18

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:from:to:subject:references:date:in-reply-to

:message-id:mime-version:content-type:content-transfer-encoding;

q=dns; s=default; b=TMe9IXTDG3a8pWKVtOMMO0OIl6RMnEYZLLTgPdrDBRD

zNP9KDCmyUIR2bTpk7/Ma3Y/ZSFG27qfTXxe92VIJmzCSQUuoj4gNW10UPfylBH7

5ikbmRdbS7ClhEvp9dUYfer6RIv0qSe6g3xivrpm8O95a+ijIgL3IvC3ukWdkimY

=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:from:to:subject:references:date:in-reply-to

:message-id:mime-version:content-type:content-transfer-encoding;

s=default; bh=XP0nOqF9/HiATiMZ6BlbcjFJn7g=; b=Pw7R97wgPiUl8B3FD

NsJwGWnePi2NI3Y2MSzRQ5ZkXKZdyoY+o0lT5p1KBZbGbJ4CrDVagy5+2280iOvT

3NZxxrVHKRiBEItrThXQY37ch7d9KW1t8Vu5UQXmfk7111/6hzDdQltj4r2P3X2N

zwbN4pkswbV4McgAlj7LndgCrA=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-1.6 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2

X-HELO: mail-in-10.arcor-online.net

X-DKIM: Sendmail DKIM Filter v2.8.2 mail-in-12.arcor-online.net 3lXncS2hPtz19KD

From: Achim Gratz <Stromeko AT nexgo DOT de>

To: cygwin AT cygwin DOT com

Subject: Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.0.0-0.7

References: <announce DOT 20150417103517 DOT GV3657 AT calimero DOT vinschen DOT de> <loom DOT 20150421T111734-742 AT post DOT gmane DOT org> <20150421121559 DOT GY3657 AT calimero DOT vinschen DOT de> <87a8y15rie DOT fsf AT Rainer DOT invalid> <20150422090440 DOT GB3657 AT calimero DOT vinschen DOT de> <877ft480zp DOT fsf AT Rainer DOT invalid> <20150423083446 DOT GG3657 AT calimero DOT vinschen DOT de>

Date: Thu, 23 Apr 2015 20:44:52 +0200

In-Reply-To: <20150423083446.GG3657@calimero.vinschen.de> (Corinna Vinschen's message of "Thu, 23 Apr 2015 10:34:46 +0200")

Message-ID: <877ft2ptuj.fsf@Rainer.invalid>

User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux)

MIME-Version: 1.0

X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id t3NIjGSg003060

Corinna Vinschen writes:
> You may be right here.  The problem is that we have two kinds of ACLs
> to handle, the ones created by Windows means, and the ones created
> by recent or older Cygwin versions.  It's rather bad that we can't
> distinguish them.

IĀ thought that this was the point of the NULL SID ACL entries?

> But then, how do you check an arbitrary ACL for the effective rights
> it creates for all affected parties?  I may be missing some API function.
> but I don't see a Windows function generating some kind of effective
> ACL.  There's only the function AccessCheck() which gets a token and an
> ACL as input and then tells you the effective rights of the user with
> this token.  This gets very slow and complicated, very quickly.

Right.

> I hate to admit defeat, but it also seems that the method I used to
> handle real vs. effective rights just doesn't work as desired.  In
> theory we don't want the DENY ACEs having any effect before visiting the
> ALLOW ACEs.
[ā€¦]

I don't think the ACL rules on Windows are made for that due to the
early-out aspect of their semantics.

> This needs yet another rewrite, but this will take a lot longer than
> this first cut.  I guess we should create a new Cygwin release without
> this new ACL handling change for now to get the bugfixes out.

Yes, getting the fixes out and shelving the ACL part for some
re-thinking seems like a good idea.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Wavetables for the Waldorf Blofeld:
http://Synth.Stromeko.net/Downloads.html#BlofeldUserWavetables

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:subject:references:date:in-reply-to
	:message-id:mime-version:content-type:content-transfer-encoding;
	q=dns; s=default; b=TMe9IXTDG3a8pWKVtOMMO0OIl6RMnEYZLLTgPdrDBRD
	zNP9KDCmyUIR2bTpk7/Ma3Y/ZSFG27qfTXxe92VIJmzCSQUuoj4gNW10UPfylBH7
	5ikbmRdbS7ClhEvp9dUYfer6RIv0qSe6g3xivrpm8O95a+ijIgL3IvC3ukWdkimY
	=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:subject:references:date:in-reply-to
	:message-id:mime-version:content-type:content-transfer-encoding;
	s=default; bh=XP0nOqF9/HiATiMZ6BlbcjFJn7g=; b=Pw7R97wgPiUl8B3FD
	NsJwGWnePi2NI3Y2MSzRQ5ZkXKZdyoY+o0lT5p1KBZbGbJ4CrDVagy5+2280iOvT
	3NZxxrVHKRiBEItrThXQY37ch7d9KW1t8Vu5UQXmfk7111/6hzDdQltj4r2P3X2N
	zwbN4pkswbV4McgAlj7LndgCrA=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-1.6 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2
X-HELO:	mail-in-10.arcor-online.net
X-DKIM:	Sendmail DKIM Filter v2.8.2 mail-in-12.arcor-online.net 3lXncS2hPtz19KD
From:	Achim Gratz <Stromeko AT nexgo DOT de>
To:	cygwin AT cygwin DOT com
Subject:	Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.0.0-0.7
References:	<announce DOT 20150417103517 DOT GV3657 AT calimero DOT vinschen DOT de> <loom DOT 20150421T111734-742 AT post DOT gmane DOT org> <20150421121559 DOT GY3657 AT calimero DOT vinschen DOT de> <87a8y15rie DOT fsf AT Rainer DOT invalid> <20150422090440 DOT GB3657 AT calimero DOT vinschen DOT de> <877ft480zp DOT fsf AT Rainer DOT invalid> <20150423083446 DOT GG3657 AT calimero DOT vinschen DOT de>
Date:	Thu, 23 Apr 2015 20:44:52 +0200
In-Reply-To:	<20150423083446.GG3657@calimero.vinschen.de> (Corinna Vinschen's message of "Thu, 23 Apr 2015 10:34:46 +0200")
Message-ID:	<877ft2ptuj.fsf@Rainer.invalid>
User-Agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux)
MIME-Version:	1.0
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id t3NIjGSg003060