Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <3DDBEA76.5090604@csgsystems.com>
Date: Wed, 20 Nov 2002 21:03:02 +0100
From: Christian Mueller <Christian_Mueller AT csgsystems DOT com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: .rhosts on W2K w/o ntsec
References: <3DDAB456 DOT 4000303 AT csgsystems DOT com> <3DDBD796 DOT 6050004 AT csgsystems DOT com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.15 (www dot roaringpenguin dot com slash mimedefang)

>>  > Also, the directories created by Cygwin with ntsec do have
>>  > inheritance turned on. In fact that inheritance determines the
>>  > ACL of files created by Cygwin when ntsec is off, and also the
>>  > ACL created by most Windows applications. Incidentally you
>>  > can display these "stupid permissions" with getfacl and change
>>  > them with setfacl, so you could add Administrators if needed.
>>
>> Hmmm.... it seems as if you mis-interpreted (is this a word?) my 
>> problem: The permissions set by Cygwin with "ntsec" are absolutely OK. 
>> I'm having problems with permissions set by *native* Windows programs 
>> when they create files in my Cygwin home directory....
> 
> 
> I just did some tests with CYGWIN=ntsec and it seems as if it's better 
> than it used to be a year ago or so. The only thing that doesn't work is 
> typing something like "cmd /c xxx.doc" to start the according 
> application automatically if the according file is not executable but I 
> can write a little script that looks into /proc/registry and figures out 
> how to open a file of a given type.
> 
> I'll give it a shot, convert all my files to NT security and see how it 
> goes. Thanks again.
> 
> Cheers,
> --Christian

OK -- I tried it, converted all my files to ntsec and played around 
with some programs. And, I'll go right back, remove all NT-level 
permissions and turn off ntsec.

Files saved by Windows applications such as JBuilder (actually Java 
but a Windows JRE) end up as follows:

   -r-xr-xr-x  1 root  none  59486 Nov 20 20:46 MainFrame.java*

Without ntsec, the file looks as it should:

   -rw-r--r--  1 chris users 59486 Nov 20 20:46 MainFrame.java

Furthermore, backing up the Cygwin directory to a CD with a general 
purpose CD writer program such as Nero doesn't work anymore because 
Nero can't read some of the files.

Windows is not Unix and Windows programs typically don't care about 
file permissions (especially things like "should a file be 
executable"), thus files created by Windows programs will always end 
up with incorrect permissions in Cygwin with ntsec turned on.

Back to the original question: Would it be possible to either 
(optionally) turn off the owner check in ruserok() or to respect the 
UID/GID values in the extended attributes if "CYGWIN=ntea nontsec" 
plus something like "ntea_uid"?

Cheers,
--Christian


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/