delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin-developers/2002/11/03/23:36:40

Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT cygwin DOT com>
List-Help: <mailto:cygwin-developers-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT cygwin DOT com
Delivered-To: mailing list cygwin-developers AT cygwin DOT com
Message-Id: <3.0.5.32.20021103233543.00816100@mail.attbi.com>
X-Sender: phumblet AT mail DOT attbi DOT com
Date: Sun, 03 Nov 2002 23:35:43 -0500
To: Robert Collins <rbcollins AT cygwin DOT com>, cygwin-developers AT cygwin DOT com
From: "Pierre A. Humblet" <Pierre DOT Humblet AT ieee DOT org>
Subject: Re: Solving ntsec problems?
In-Reply-To: <1036361355.22120.31.camel@lifelesswks>
References: <20021103215859 DOT GA21874 AT redhat DOT com>
<20021103180437 DOT GA19854 AT redhat DOT com>
<3 DOT 0 DOT 5 DOT 32 DOT 20021103142141 DOT 00815cf0 AT h00207811519c DOT ne DOT client2 DOT attbi DOT com>
<20021103215859 DOT GA21874 AT redhat DOT com>
Mime-Version: 1.0

At 09:09 AM 11/4/2002 +1100, Robert Collins wrote:
>
>> OTOH, one thing that we could do is only turn on executable bits that
>> exist in the tar archives since those are still available..  We could
>> have something which does a fixup only on extracted files which are
>> supposed to be executable.
>
>I'd rather extract the ntsec unix->win32 acl logic to a static library
>that both cygwin1.dll and setup.exe can incorporate. 

Isolating ntsec in a library is a big job, unnecessary. 
Setup probably needs only a small part of ntsec. Copying some 
functions from sec_acl.cc and security.cc should be enough.

It seems to me that the main thing we want setup to set is the acl 
entry for the owner (which will Administrators if the user running
setup is privileged) and for Everyone (i.e. both group and other).
What else do you want to control?
That shouldn't even require reading the passwd file. 

Pierre

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019