X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=PQD6AbhHHe7Uykg2Iq1e8PX8MUwLeJ1/mvDJtnre2Q3InNvOA7G6f
	iU6cDJZ1BjueQHcesxOQuFhzwz6HHPKRWwT0lc+l7bPuKfIOhypF/bmscWoTpYxB
	bzJ/5erfeK03D/4jO8wyy8scVC5/ln9+/+9KHrum+qbeKyn79sozKo=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; s=default;
	 bh=OKrUUL+UBqQN+5Pgw+HxnIb0pZU=; b=CzNJqvmP+V4Td8Wf2xPjTUK6DQVP
	MWKM/C69qdCjWPcVDAPXY0wfZGbOXEhL7C+Ji3/kcLMNOCX4vrpP5M8PFSgkqJ8B
	61JO+8gGSl32V2cCQb9QDtBfGDUFHHo672MgX7dUb/3GSEBJ2lCHy+vubOTiAqmS
	fGbZSJ2jD5hwq14=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2
X-HELO: calimero.vinschen.de
Date: Thu, 13 Nov 2014 23:17:06 +0100
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: /usr/local, /var and */tmp in c:\Users\Public
Message-ID: <20141113221706.GX2782@calimero.vinschen.de>
Reply-To: cygwin@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
References: <81578012-FD3F-4463-BC56-ADB092317DD4@etr-usa.com> <CABa6CEkRV=3FY6ZVGrdt--rH3PppwCJRD5poU0L2knv2k2ce_w@mail.gmail.com> <25F385A9-3E2D-44FC-998F-D2672F67DFE4@etr-usa.com> <m40npq$vrq$1@ger.gmane.org> <ECD073FF-B78C-4D19-8DE1-5F4E390D2495@etr-usa.com> <20141113093335.GI2782@calimero.vinschen.de> <40005E53-A327-4E4A-8C71-514E505F9FBC@etr-usa.com> <20141113213005.GV2782@calimero.vinschen.de> <B19F8A26-44EB-46E6-A1DE-EC4E32274A35@etr-usa.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;	protocol="application/pgp-signature"; boundary="utew04vv9FCWZJ01"
Content-Disposition: inline
In-Reply-To: <B19F8A26-44EB-46E6-A1DE-EC4E32274A35@etr-usa.com>
User-Agent: Mutt/1.5.23 (2014-03-12)

--utew04vv9FCWZJ01
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Nov 13 14:39, Warren Young wrote:
> On Nov 13, 2014, at 2:30 PM, Corinna Vinschen <corinna-cygwin@cygwin.com>=
 wrote:
>=20
> > On Nov 13 14:09, Warren Young wrote:
> >>=20
> >> http://etr-usa.com/cygwin/ls-perms.png
> >=20
> > icacls output would be more helpful than a picture.
>=20
> $ icacls ls.exe
> ls.exe MOSSYMAZE\Warren:(F)
>        MOSSYMAZE\Warren:(RX)
>        Everyone:(RX)
>=20
> > It doesn't work when running under a non-admin account.
>=20
> Every other Windows setup program is playing by that same restriction.

Setup tries to install with (explicit) POSIX permissions, not with
(inherited) Windows permissions.  It's not quite the same thing.

> > However, the *other* idea is that if you install with an elevated Setup,
> > your account is an admin account anyway.  Ideally when you install
> > Cygwin for multiple users, you're using an account you're not using for
> > daily usage.
>=20
> Couldn=E2=80=99t the Cygwin non-user files be owned by SYSTEM instead of =
the installing user?

In a corporate model this might make sense, but for the home user?  I'm
not so sure about SYSTEM, though.  Administrator/Administrators sounds
right to me.  SYSTEM?  Hmm.  As I said, at one point back in the early
1.7 days setup did something like that, but we got complaints.  I don't
remember the details.  But if we do something like that again, it should
be configurable.  Maybe the "Just Me"/"All users" choice is sufficient
if explained sufficiently in the GUI?

Also, who's going to do that?  The coding part, I mean.  Lots of what's
required is already in setup, but I can't write it often enough (it's
an obsession probably): I would be very glad for developers not shy
making their hands dirty.


Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--utew04vv9FCWZJ01
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUZS3hAAoJEPU2Bp2uRE+gSZ4P/REB5cBir0EvS0DyMImyBTxY
WreznuTJdJyPUpfuibJ2RfyWthIiXVzTj0+f/vRzMa71/fKhtdKrPDOF0UKELK2y
1WGScVlJnBITLC30POElLOWKldM9X9BEj/gkcavF/bWLS0rDph8f/LPUweqC7DX0
vCAaS624B/Ita7jWrB2r4oOFRmjZG5gxEr972apIlLebshWrq2PgqqSi1sgJa7R4
PD0so8J3BQ2dG4YPSDIwqO/e+g2tZeHEG1uwd5g3yD5UppbwT2YbKMHRDVtawmDw
NUVEYVUHf3ZPpQvF1I3PeOAIRmxRTLPPtr/20ehBbT2pIGCWxbOf/nSZJYBbQvs/
lsjJyNUqhA2QiL6B/NGa00RNJmSGhO9pGX3BlY/TDcXqeZUHUNNu8c59hbPJLKo2
gTKepPjFz5tIhMO2S0zWsdxWe9dWVIDioxcWhZgOeXdWoVyPiSmrsCmzv2KsexxU
U5jm02UGgmxdiOMvfJ5Ld+3+XjfDZezNEq9AhrmYBqScYbPSHh2LJLqFv1ATApgn
uQ7pWvQ+uz0Kvq6nQJ4y7NQRmADsee2b4/qD5zVXjKWQj9FLTXQ+VQMELiA/JbnD
E08cTEQUQLi+WKeTgOmEsXlbgCa+0RA7aPFZxsSXN5he9shMDdcneByahfviPg7U
mhkmndFdZ9csw1yJjqVB
=zZFZ
-----END PGP SIGNATURE-----

--utew04vv9FCWZJ01--