X-Recipient: archive-cygwin@delorie.com
X-Spam-Check-By: sourceware.org
Message-ID: <4919B55D.10606@cygwin.com>
Date: Tue, 11 Nov 2008 11:39:57 -0500
From: "Larry Hall (Cygwin)" <reply-to-list-only-lh@cygwin.com>
Reply-To: cygwin@cygwin.com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.16) Gecko/20080723 Fedora/2.0.0.16-1.fc8 Lightning/0.9 Thunderbird/2.0.0.16 Mnenhy/0.7.5.0
MIME-Version: 1.0
To: cygwin@cygwin.com
Subject: Re: Cygwin Everyone group permissions and Vista "shared files" 	(*not*  shared folders)
References: <5e4cc4153gf115hcpi4ilk2s787klg6sra@4ax.com> <20080929165252.GC11053@calimero.vinschen.de> <20080930163346.GK11053@calimero.vinschen.de> <20415300.post@talk.nabble.com> <20081110115230.GA2884@calimero.vinschen.de> <7j5ih4pea29aj7pnmn186b8uitoeboetkb@4ax.com>
In-Reply-To: <7j5ih4pea29aj7pnmn186b8uitoeboetkb@4ax.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com

Barry Kelly wrote:
> Corinna Vinschen wrote:
> 
>> No, it's not feasible.  If you leave out the Everyone ACE, the
>> permissions are not POSIX-like anymore.  Leaving out means that others
>> have no permissions at all.  Not even to see the permissions.  That's
>> not correct from a POSIX POV.
> 
>> Even if others don't have rwx
>> permissions, they need at least FILE_READ_ATTRIBUTES and READ_DAC
>> permissions.  This requires to have an Everyone ACE.
> 
> Why can't we have a security toggle that leaves out the Everyone ACE,
> and the POSIX subsystem interprets failure to read the DACL as no
> permissions?
> 
> Cygwin still needs to handle with files created by other users and
> programs that it doesn't have permission to view the permissions of, so
> the second half of this requirement is already present.
> 
> I, for one, use Cygwin not primarily as a POSIX emulation layer, but as
> my main Windows user interface. IMHO in this situation, being posixly
> correct is a handicap that Cygwin could do without, at the user's
> choice.

So what about the "nontsec" option doesn't address your need then?
<http://cygwin.com/cygwin-ug-net/using-cygwinenv.html>

-- 
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
216 Dalton Rd.                          (508) 893-9889 - FAX
Holliston, MA 01746

_____________________________________________________________________

A: Yes.
 > Q: Are you sure?
 >> A: Because it reverses the logical flow of conversation.
 >>> Q: Why is top posting annoying in email?

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/