Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Date: Sat, 14 Dec 2002 18:09:32 -0500 From: "Pierre A. Humblet" To: cygwin AT cygwin DOT com Subject: Re: ntsec and remote copy Message-ID: <20021214230931.GA34213745@HPN5170X> Mail-Followup-To: "Pierre A. Humblet" , cygwin AT cygwin DOT com References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i On Thu, Dec 12, 2002 at 12:00:51PM -0000, Kris Thielemans wrote: > Remaining questions: > - is there another way to prevent specific users access to telnet or ftp ? > (or ssh when I get round to installing sshd) ? Edit /etc/passwd and set the shell field to /something/invalid/but/not/empty > - I still don't understand why certain cygwin programs could read the file > and others not (see mail below). It can't be NT, because I could obviously > read/write all files I created myself using NT programs. So, I have the > impression that some cygwin programs use ntsec in different ways. For > example, cat or vi could read the file with an unrecognised owner, but > test -r couldn't. (I recently reinstalled and upgraded the whole of cygwin, > so I don't think it's because I have old versions lying around). test -r does not read the file. It relies on permission bits to predict if you can read the file. Unfortunately Windows works with acls. It is not possible to perfectly map all acls into permission bits. In this case the prediction was incorrect. Pierre -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/