Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
X-Injected-Via-Gmane: http://gmane.org/
To: cygwin AT cygwin DOT com
From: "L. Li" <ll2li AT engmail DOT uwaterloo DOT ca>
Subject: File/Directory Permissions and Security
Date: Sat, 12 Apr 2003 01:20:08 -0400
Lines: 29
Message-ID: <b787l5$2ul$1@main.gmane.org>
X-Complaints-To: usenet AT main DOT gmane DOT org
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106

Hi,

I'm a Cygwin and Unix newbie (kinda anyway - it's my first time
administrating). I recently set up an openSSH server on my box via Cygwin
and I'm trying to set up proper file/directory permissions. I called a
recursive chmod so that only the owners of each object can write, while all
others can only read and execute.

After doing this, I went to verify that this was the case and logged in
under a user that was not the owner of anything but his home directory. The
home directory permissions worked great. Only he had write access. However,
outside of that, he could write to any directory he wanted to (except for
the root C and D hard drives - don't know why). I'm wondering what I have to
do to revoke write access to directories once I've ssh'ed into my box. Once
I can get this basic policy up, I'll tamper with more specific permissions
on a per object basis. But right now I can't seem to get this working.

On another note, I've noticed that chmod seems to change actual NT
file/directory permissions. But it seems to do the weirdest things. I did a
chmod 755 on a file. On opening the file security tab, it revoked all
priveleges from my own account and cleared out the Administrators privileges
too (but only on appearance). I still had access otherwise. I manually fixed
it. Thank god for permission inheritance in windows, otherwise it would have
taken a while. Any ideas?

Thanks,
L




--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/