delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2020/03/27/08:57:48

X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 27D87385E03A
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
s=default; t=1585313823;
bh=IT6jumm/F6TgyWATkDF4dQEbgUtaLSMVFTQ2CSxn7Fo=;
h=References:In-Reply-To:Date:Subject:To:List-Id:List-Unsubscribe:
List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:
From;
b=JpzT4BQxkoQUNHxnMIC3XeTzS3waVL79VCNHRFJWMBzcYrDcE1/Hj5xyut8uMQFNU
gTP0XifZSq/qNVoyjY+140ARvbVu5uj7zaogTX6Cb9C5LSbCaFxs1hsY5vJ4Tuyurl
IUp7FOF2g3JQ/M6ieOKUnC7SMZXZ5BO680glKTPU=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 87656385E009
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:references:in-reply-to:from:date
:message-id:subject:to;
bh=uSIjTigPMQi64N05Zfvy23bVn1yfgjUzv29T2SQcwRU=;
b=SC6NEZ4aLXcb+d/kSSq+XNG44gSBR8Uv6psH5galV/iFa8bSr0K0t/PL+/HNiZhWT3
hoULS8xmJ0UHEROglcy1ZdEPy7lzj7RoJrmXTfZuN5wG3a91shMHzNUdgbzcsHZkROG/
cc0cza7NFdknprEe9J8LBeNOcsMGY/g1d4JPpFEADTP9ptdjZnnbT34ZzgnU9nNf8paN
7L6s8vu2tDdYMs4nRYR4XF2UpS7Z2zqsKOiPcY92FBB+WN9L0vr6QzSvfORc7pETCxX0
3gP0rtWMimCugRvK2rVoxNiaSUbFZn9zs3EfDDct57qZulTCeAI5HIPkXLTwyU+SEf1/
lu2g==
X-Gm-Message-State: ANhLgQ0POJeZnxb3/SCztxIYxhSJOMrUjQ8npRn+9ZKC1TTljJb/WX4p
mVMXePKI3flsXERFxdTXE6/htvjbuKqoa3N4S/zhZUsU
X-Google-Smtp-Source: APiQypJWcU+qNWVCWLE5fVrc7OnJpbwwQiC2r0yd1Ej5c4W+TUSAbJNGZ3BGrgGgMagRaN0lsjzNsLYzWI6P9Izf3aY=
X-Received: by 2002:a2e:9013:: with SMTP id h19mr8458844ljg.101.1585313818877;
Fri, 27 Mar 2020 05:56:58 -0700 (PDT)
MIME-Version: 1.0
References: <CABPLASQZ+g7juLdwd_z=GEqdtga2AcS4P6_E8P4SKDas0+KiwQ AT mail DOT gmail DOT com>
<459837604 DOT 20200327125155 AT yandex DOT ru>
In-Reply-To: <459837604.20200327125155@yandex.ru>
Date: Fri, 27 Mar 2020 13:56:48 +0100
Message-ID: <CABPLASRJzpaJ67NztNcH490Hyzr-wrvmhFdsWQmXLRJ9wAfW=A@mail.gmail.com>
Subject: Re: ACL: Why SYSTEM doesn't have full access set on newly created
files?
To: cygwin AT cygwin DOT com
X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00, DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_ENVFROM_END_DIGIT,
FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS,
TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
server2.sourceware.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Archive: <http://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <http://cygwin.com/mailman/listinfo/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: Kacper Michajlow via Cygwin <cygwin AT cygwin DOT com>
Reply-To: Kacper Michajlow <kasper93 AT gmail DOT com>
Sender: "Cygwin" <cygwin-bounces AT cygwin DOT com> 

 > It is easily fixable by mounting directories outside Cygwin tree with
"noacl" flag.
> It is even required to do so, if you expect interoperation between Cygwin
and
> native tools.

Indeed, this is acceptable workaround for me. Then again it is not really
interoperable out of the box, even tho it may looks like. I mean all
Windows drives are mounted, you can easily jump through all directories,
mess with them until you find that it doesn't work and it is " required" to
access those files differently. One may be fooled by the seemingly no
boundary between Cygwin and Windows.

> Don't do that on Cygwin directory tree, you break Cygwin doing this.

I was talking about project cloned outside Cygwin tree, by using Cygwin's
git. I do understand that Cygwin sysroot is it's own thing.
Also the Cygwin tree have let say "normal" permissions set. I mean there is
not deny on SYSTEM and so on.

> Answered multiple time in the last 20 years. Read the docs.

If it were so easy to find. And it was changed like 5 years ago how ACLs
are handled, so I really doubt it was described 20 years ago. I just wanted
to understand why SYSTEM described in Cygwin's docs as "A special account
which has all kinds of dangerous rights, sort of an uber-root account."
have those rights limited.

> They are in correct order. Just not canonical order, which Explorer only
supports.

I was not implying they are in incorrect order... The question was, could
Cygwin apart from having permissions in correct order, have them in
Explorer compatible order also?

> Yes.

Thank you for comprehensive answer.

-Kacper
--
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019