Mail Archives: cygwin-developers/2002/10/22/17:46:49

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin-developers/2002/10/22/17:46:49

Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-developers-subscribe AT cygwin DOT com>

List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>

List-Post: <mailto:cygwin-developers AT cygwin DOT com>

List-Help: <mailto:cygwin-developers-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>

Sender: cygwin-developers-owner AT cygwin DOT com

Delivered-To: mailing list cygwin-developers AT cygwin DOT com

Message-ID: <3DB5C7B1.B87C8364@ieee.org>

Date: Tue, 22 Oct 2002 17:48:33 -0400

From: "Pierre A. Humblet" <Pierre DOT Humblet AT ieee DOT org>

X-Accept-Language: en,pdf

MIME-Version: 1.0

To: cygwin-developers AT cygwin DOT com

Subject: Re: Avoiding /etc/passwd and /etc/group scans

References: <20021022162432 DOT GF514 AT redhat DOT com> <3DB58CBD DOT 87B2BDD8 AT ieee DOT org> <20021022181947 DOT GA4729 AT redhat DOT com> <3DB5A076 DOT ABAFF076 AT ieee DOT org> <20021022191217 DOT GD4828 AT redhat DOT com> <3DB5AB53 DOT B434ED90 AT ieee DOT org> <20021022202004 DOT GA6995 AT redhat DOT com> <3DB5BA56 DOT A76B6463 AT ieee DOT org> <20021022211930 DOT GF6429 AT redhat DOT com> <1035321750 DOT 1455 DOT 14 DOT camel AT lifelesswks> <20021022213133 DOT GI6429 AT redhat DOT com>

Christopher Faylor wrote:
>
> Why would that matter?  If setting reasonable acls is going to hurt the
> CYGWIN=nontsec case then that's not good either.

Setting reasonable acls has no negative impact, neither with ntsec nor
with nontsec. nontsec has two main effects;

1) It reports the modes blindly as 644, while making some effort about the
x bits, *irrespective* of the Windows access rights.

2) It always  reports success on chown, chmod etc... while actually
doing nothing (except sometimes setting the files readonly).

> >Here's a short term workaround, until we fix setup.exe.
> >
> >Add a .bat file as a postinstall script that scans the cygwin tree and
> >sets executable rights to .exe and .dll files using the cacls command.
> 
> If it is that simple, then sure.  Pierre is this doable?

Surely yes if the user running setup is a member of the administrators group
and the drive is local.
Answer probably more complicated if he isn't in administrators or the files
are on a network drive.
You can use cygwin programs to do that, if they were extracted with x permission
and ntsec is on.

I am completely in the dark about what your ultimate goal is.
was there an earlier discussion?

Pierre

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-developers-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-developers-subscribe AT cygwin DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin-developers/>
List-Post:	<mailto:cygwin-developers AT cygwin DOT com>
List-Help:	<mailto:cygwin-developers-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-developers-owner AT cygwin DOT com
Delivered-To:	mailing list cygwin-developers AT cygwin DOT com
Message-ID:	<3DB5C7B1.B87C8364@ieee.org>
Date:	Tue, 22 Oct 2002 17:48:33 -0400
From:	"Pierre A. Humblet" <Pierre DOT Humblet AT ieee DOT org>
X-Accept-Language:	en,pdf
MIME-Version:	1.0
To:	cygwin-developers AT cygwin DOT com
Subject:	Re: Avoiding /etc/passwd and /etc/group scans
References:	<20021022162432 DOT GF514 AT redhat DOT com> <3DB58CBD DOT 87B2BDD8 AT ieee DOT org> <20021022181947 DOT GA4729 AT redhat DOT com> <3DB5A076 DOT ABAFF076 AT ieee DOT org> <20021022191217 DOT GD4828 AT redhat DOT com> <3DB5AB53 DOT B434ED90 AT ieee DOT org> <20021022202004 DOT GA6995 AT redhat DOT com> <3DB5BA56 DOT A76B6463 AT ieee DOT org> <20021022211930 DOT GF6429 AT redhat DOT com> <1035321750 DOT 1455 DOT 14 DOT camel AT lifelesswks> <20021022213133 DOT GI6429 AT redhat DOT com>