Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Thu, 10 Jan 2002 16:28:54 +0100
From: Corinna Vinschen <cygwin AT cygwin DOT com>
To: cygwin <cygwin AT cygwin DOT com>
Subject: Re: ksh on cygwin
Message-ID: <20020110162854.P12057@cygbert.vinschen.de>
Mail-Followup-To: cygwin <cygwin AT cygwin DOT com>
References: <200201101510 DOT g0AFA3r03758 AT dymwsm12 DOT mailwatch DOT com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200201101510.g0AFA3r03758@dymwsm12.mailwatch.com>
User-Agent: Mutt/1.3.22.1i

On Thu, Jan 10, 2002 at 10:09:59AM -0500, Fleischer, Karsten (K.) wrote:
> > But, uhm, what exactly is a `superuser' from your point of view?
> > We don't have that concept except for SYSTEM as _the_ user which
> > is able to change user context w/o changing security policies.
> > And on 9x/Me...
> 
> Does the SYSTEM user have uid == 0? Does any user have an uid == 0?
> If not then it does not matter anyway. I can just leave it as it is.
> If in future some superuser concept might find it's way into Cygwin, this $SHELL stuff is safe already.

The problem is that by default the "Everyone" group has the uid and
gid 0.  The user can change that in the passwd and group files.
You just should stick with uid/gid 18 for the user SYSTEM.  Are you
familar with the NT security concept?  If you want to have a rough
insight how that's used in Cygwin, I suggest reading

  http://cygwin.com/cygwin-ug-net/ntsec.html

It's rather old and a bit badly maintained but it's basically still
correct.

> Oh, I forgot to mention that I changed the rename() logic a bit.
> rename("a", "b"): If "a" is really "a.exe" it is renamed to "b.exe"
> rename("a", "b.suffix"): If "a" is really "a.exe" it is nevertheless renamed to "b.suffix". The ".suffix" implies that the user knows what she's doing.
> rename("a.exe", "b"): The ".exe" suffix implies that the user knows what she's doing, too, so "a.exe" is renamed to "b"
> 
> This also holds for link().
> 
> I've taken that from UWIN, too.

Yup, that sounds reasonable to discuss.

One general question, though.  How do these changes to handle things
like U/WIN collide with the propietary U/WIN license?  We don't want
to have problems with AT&T suddenly.  Especially we don't want to
have sources taken from U/WIN.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/