Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <005a01c26edc$43058190$1e02a8c0@VXMLDEV>
From: "Marius Seritan" <mseritan AT jacent DOT com>
To: <lhall AT rfk DOT com>, <cygwin AT cygwin DOT com>
References: <4910-220021028145424256 AT M2W044 DOT mail2web DOT com>
Subject: Re: Problem with Station/Desktop permissions
Date: Tue, 8 Oct 2002 08:06:19 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
X-Priority: 3
X-MSMail-Priority: Normal
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by delorie.com id g98F3nL02031

Larry and cygwin-list readers,

In my own code I am using the fksec C++ library, http://www.mvps.org/win32/security/fksec.html. I am not sure if people are willing to link that library in cygwin. In the affirmative I can suggest a patch to the list that would add the appropriate ACEs to the Station and Desktop SDs, instead of replacing them with a null SD. 

Note that I am not an NT security expert, I can only contribute some code that is working for me.

Marius

----- Original Message ----- 
From: <lhall AT pop DOT ma DOT ultranet DOT com>
To: <mseritan AT jacent DOT com>; <cygwin AT cygwin DOT com>
Sent: Tuesday, October 08, 2002 7:54 AM
Subject: RE: Problem with Station/Desktop permissions


Hi Marius,

I don't believe there is any active work going on in the area that you 
mention.  It seems to change and improve on an "as-needed" basis based
on bug reports and the like.  If you are interested in suggesting a 
patch, I'm sure the list would be interested in reviewing your ideas.

Larry

Original Message:
-----------------
From: Marius Seritan mseritan AT jacent DOT com
Date: Mon, 7 Oct 2002 14:32:47 -0700
To: cygwin AT cygwin DOT com
Subject: Problem with Station/Desktop permissions



<snip>

From what I see from the sources, cygwin is also adjusting the permissions
on the station\desktop. The approach taken in spawn.cc is a lot more
radical though, the security descriptor is basically blown away. This seems
to break my code. 

Has anybody else encountered this problem? Are there plans to move to a
more nuanced approach when adjusting the permissions on the window
stations/desktop?

Thanks for any pointers/comments.

Marius Seritan
Engineering
mseritan AT jacent DOT com


--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .