| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=dx1+LrjpdLOaR8jkMoiO1FKDpuUzjjIvmrawm+j6oZICBF8CPFG+X | |
| +C1d1VKVR3N7vCrSRfA0uxTigw33fN1czt9JE/rmKwed5BmQ5K9J4ygCqt6EwWjx | |
| A1Gi/TqTpgHAfqp4iFR0w5ExIOFVP207ehkU6xCjWwfHqFsOUpcE54= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=0WEsT7ueFVougI9pvwbI9At7gnk=; b=oBegWMfWS366C0zWZhTbv6x148dH | |
| JGe9C+9NZzJ8Ameb09pVM01OECMSxmDtC2HKVhikWzpkDlNm31tzj+IbgNnowUMq | |
| S5KaisIq4NTKsp2EHSCwn8oQ+KhaTJqL/O3vs9F2mL6cYi7npVwl27XgKjWMcTdR | |
| RLUMCcxXeqcDpyk= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-96.3 required=5.0 tests=AWL,BAYES_00,GOOD_FROM_CORINNA_CYGWIN,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_PBL,RCVD_IN_SORBS_DUL,RDNS_DYNAMIC autolearn=ham version=3.3.2 spammy=love, earth, ace, hear |
| X-HELO: | calimero.vinschen.de |
| Date: | Fri, 24 Jun 2016 21:54:38 +0200 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: POSIX permission mapping and NULL SIDs |
| Message-ID: | <20160624195438.GC27089@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <D392BA70.95D4%billziss AT navimatics DOT com> <20160624195144 DOT GB27089 AT calimero DOT vinschen DOT de> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <20160624195144.GB27089@calimero.vinschen.de> |
| User-Agent: | Mutt/1.6.1 (2016-04-27) |
--MfFXiAuoTsnnDAfZ Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Jun 24 21:51, Corinna Vinschen wrote: > On Jun 24 18:07, Bill Zissimopoulos wrote: > > Could my mapping of the NULL SID somehow interfere with Cygwin=E2=80=99= s ACL > > mapping? No way right? Turns out that: yes! File:winsup/cygwin/sec_acl.= cc, > > line:787 >=20 > Read the comment at the beginning of the file explaining how new-style > ACLs look like. >=20 > > Allow me to say that I find this a *gross* hack. You are subverting the > > Windows ACL mechanism to store information that it was not designed to > > store. I would love to hear a good rationale for this decision. >=20 > The usage of NULL SID ACEs to store special POSIX permission bits is > long-standing behaviour, first implemented by U/Win and later adopted by > Cygwin. That older version is using Access-allowed NULL SID ACEs for > *ages* to store ISVTX, ISGID and ISUID bits. The new implementation > uses access-denied NULL SID ACEs to store the same bits, plus the POSIX > MASK bits. Another access-denied NULL SID ACEs with the "Inherit Only" > bit set is used to specify the same info for the POSIX default ACL. >=20 > > BTW, this also appears to break BashOnWindows: see [BASHW] >=20 > I'm not overly sympathetic. Cygwin's implementation is older. If > Microsoft provides full support for POSIX permission bits plus POSIX > ACLs including useful documentation, I'm willing to reconsider. And > matching patches are welcome of course. >=20 > What strikes me as weird is that nobody from the UoW side is trying > to work with Cygwin ACLs or even trying to communicate with us to > define and implement POSIX ACLs in a documented, generic way for both > systems. And why on earth does an access-denied NULL SID ACE affect SoW *at all*? Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --MfFXiAuoTsnnDAfZ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXbY/+AAoJEPU2Bp2uRE+gYU0P/jRXllNBCz0ttXOefI3JfVv/ HvBGlQyF738PqksLHxvJQe9gty9kAu+Ft3fZuyu9oNtTOZQlglauarr5Jb4lyvQn dQPx68xkiyw0nWueaE8rwLUHYWmuaufpUwUu7Ns+zEacjedTOUAIPSnhDWvS8aXO WyN2gJxSXFmcqnLWdcm2z3zU23M6tRKdOOG2TUFFjI/oC4sK19ysnBHPIiOssD3X RnDumydtTgX0Qe7w77ON/ATdcuUckN3/OAAJ6+m47k9mmz/wPZk/OOzB9j9UaMRv ffLg5QwJFovEX8u0TT2wiA8WQeIZ/9X0S22fMYzlmVXKZFYgBOV92BRTrZtb0lKN FaHtv+Ip3dz57/OS6aP4OBjqnOAAWgrZvyKGxVbBiiJBJTm8sYdYdgjMWe0wsRgw ylS6SspqkXv1zBfU1sUa0y13gFUaWAPq8hvxFJxaNY18s7KKKzE0fnsex6mS8hXS Kla8rJaq6v3qq1ja9luTkHvQcCPRkLq7q9fHl3BFC+j8wuYTAdgO/aRItQvmz3mx Y+Z1Ayl14VzkkAGv6UeQNKGO6Jmn7pCqmxms0WcZNyUwAibnNxkp4qbj11K029tC uAod0Af20f6+N2lDlSaCE/HC41tC0qcwBBUZ6r/u8mtnsqF3B3ifnHTyVG1D4ei2 9nNjz5cjQSNtxffrY88O =oif3 -----END PGP SIGNATURE----- --MfFXiAuoTsnnDAfZ--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |