Mail Archives: cygwin/2020/01/06/12:02:32

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2020/01/06/12:02:32

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:to:subject:message-id:references

:mime-version:content-type:in-reply-to; q=dns; s=default; b=scM2

dRwPkqQIOHlKIga1hWz208J1NElRnI0Hpe4A+ZMUg2EZ1WVvwzczcTeooXyMNczD

4TO2m1HQERcEHCulrLV+nB2lRvbnz7+TbiAVJRRWyYEiqUWj3T8NAFL/SSaOwpL0

BpWnnaN5y0yx4Vu/LzJMOfuES/qRi3iISZzJ0jY=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:to:subject:message-id:references

:mime-version:content-type:in-reply-to; s=default; bh=L2isYBSn4B

o6rAnbiT4GiB7cc80=; b=a1M1Tt3Zd9/OgepBnfliti5Mie7JIqlwyRMplj98S6

aXuZjz7bt0NcyJdBhLS4xE5jaKb3aLuh021azPUKlMGSjT5x7k66fALn8XOHWlrQ

McgB/0+2Wn5LVHcllZBhRMbtj5JHrdcdmOKgDzwJk1XtZvItmharnQX9bBmoqkw0

I=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Spam-SWARE-Status: No, score=-5.5 required=5.0 tests=BAYES_00,GIT_PATCH_2,KHOP_HELO_FCRDNS,RDNS_DYNAMIC autolearn=ham version=3.3.1 spammy=owners, appdata, competing, AppData

X-HELO: wolf.rettoggalt.com

Date: Mon, 6 Jan 2020 17:01:30 +0000

From: Ubuntu <ubuntu AT wolf DOT rettoggalt DOT com>

To: cygwin AT cygwin DOT com, Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca>

Subject: Re: bash /cmd disagree about owner and permissions to executable

Message-ID: <20200106170119.GA5590@wolf.rettoggalt.com>

References: <be51ce26-fc60-3b6a-02f1-9470431dbd8f AT SystematicSw DOT ab DOT ca>

MIME-Version: 1.0

In-Reply-To: <be51ce26-fc60-3b6a-02f1-9470431dbd8f@SystematicSw.ab.ca>

User-Agent: Mutt/1.9.4 (2018-02-28)

To recap, after removing excessive terminal output documentation in earlier mails:

> I installed python3.8 from the "Microsoft Store".
> Then I could run "python3 myscript.py" in a 'cmd' terminal but not in a mintty/bash terminal.
> The bash terminal gave "permission denied".
> 
> Investigating, I found that the PATH variable pointed to a python3.exe in the directory
> C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps.
> 
> Using /bin/ls or using "cmd /c dir /q" would display different owners:
>
> > ls:  -rwxr-x--- 1 Unknown+User Unknown+Group 0 des 26 19:25     python3.exe
> > cmd: 26.12.2019  19.25                 0 PANTER\Heidi           python3.exe
>
> Noting the byte count of zero, I found the file is a reparse point of some "unknown Microsoft" type pointing to
>
> > C:\Program Files\WindowsApps\<very long folder name>\python3.8.exe
>
> (The reparse point type was "unknown" as per Mark Russnivitch's fsutil.exe of 2005.)
> 
> The permissions on "Program Files\WindowsApps" are quite restricted indeed.

On Mon, Dec 30, 2019 at 01:35:53PM -0700, Brian Inglis wrote:
> https://stackoverflow.com/questions/58296925/what-is-zero-byte-executable-files-in-windows#comment102978067_58296925
> 
> "This is a special type of app-execution reparse point that's used to set up the
> security context for running a UWP app. CreateProcessW reparses this internally
> in order to allow individual users to run a particular app."

Very interesting indeed.

But one important question remains: Why do we get "Permission Denied" when 
running from bash, not when running from cmd?

Some derived questions:

Doesn't bash call CreateProcessW?

Should it?

If "CreateProcessW reparses this internally in order to allow individual
users to run a particular app", how does CreateProcessW do that?

What does it base its decisions on?

Has Microsoft implemented a new, competing security system?

Where does the new security system store the permissions?

Are we going to see more and more Windows program becoming
unavailable to Cygwin?

Does cygwin need to reverse engineer this new security system?

Besides I notice that I can do "cygstart myscript.py", and the program runs.
However, it runs in a cmd window that disappears immediately upon termination.

Regards, 
Enrique Perez-Terron

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:references
	:mime-version:content-type:in-reply-to; q=dns; s=default; b=scM2
	dRwPkqQIOHlKIga1hWz208J1NElRnI0Hpe4A+ZMUg2EZ1WVvwzczcTeooXyMNczD
	4TO2m1HQERcEHCulrLV+nB2lRvbnz7+TbiAVJRRWyYEiqUWj3T8NAFL/SSaOwpL0
	BpWnnaN5y0yx4Vu/LzJMOfuES/qRi3iISZzJ0jY=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:references
	:mime-version:content-type:in-reply-to; s=default; bh=L2isYBSn4B
	o6rAnbiT4GiB7cc80=; b=a1M1Tt3Zd9/OgepBnfliti5Mie7JIqlwyRMplj98S6
	aXuZjz7bt0NcyJdBhLS4xE5jaKb3aLuh021azPUKlMGSjT5x7k66fALn8XOHWlrQ
	McgB/0+2Wn5LVHcllZBhRMbtj5JHrdcdmOKgDzwJk1XtZvItmharnQX9bBmoqkw0
	I=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Spam-SWARE-Status:	No, score=-5.5 required=5.0 tests=BAYES_00,GIT_PATCH_2,KHOP_HELO_FCRDNS,RDNS_DYNAMIC autolearn=ham version=3.3.1 spammy=owners, appdata, competing, AppData
X-HELO:	wolf.rettoggalt.com
Date:	Mon, 6 Jan 2020 17:01:30 +0000
From:	Ubuntu <ubuntu AT wolf DOT rettoggalt DOT com>
To:	cygwin AT cygwin DOT com, Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca>
Subject:	Re: bash /cmd disagree about owner and permissions to executable
Message-ID:	<20200106170119.GA5590@wolf.rettoggalt.com>
References:	<be51ce26-fc60-3b6a-02f1-9470431dbd8f AT SystematicSw DOT ab DOT ca>
MIME-Version:	1.0
In-Reply-To:	<be51ce26-fc60-3b6a-02f1-9470431dbd8f@SystematicSw.ab.ca>
User-Agent:	Mutt/1.9.4 (2018-02-28)