Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Sun, 8 Aug 2004 12:17:52 -0400
From: "Pierre A. Humblet" <pierre DOT humblet AT ieee DOT org>
To: cygwin AT cygwin DOT com
Subject: base-files-profile.sh, man.sh [Was: Re: Cygwin permissions problem]
Message-ID: <20040808161752.GA1097747@Worldnet>
References: <20040807231444 DOT GA36304397 AT hpn5170> <000301c47d0d$996311b0$0100a8c0 AT asswipe>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <000301c47d0d$996311b0$0100a8c0@asswipe>
User-Agent: Mutt/1.4.1i

On Sat, Aug 07, 2004 at 11:04:43PM -0700, Fish wrote:
> 
> Pierre A. Humblet wrote:
> 
> > setup is a Windows program. The files it creates have
> > the inheritable permissions of the parent directory.
> 
> Well then it must not be setup that's doing it then. <shrug>

Right. Thanks for the cacls info. What's happening is this:

1) All files created by setup have ACL:

> c:\ BUILTIN\Administrators:(OI)(CI)F 
>     PIGFUCKER\Friends:(OI)(CI)F 
>     NT AUTHORITY\SYSTEM:(OI)(CI)F 
Note that neither you personally, nor the standard group, Users,
nor Everyone has any access. So ls -l shows no permissions and
a "+". Nonetheless you have full access because you are in Admins.

2) When the sh postinstall scripts run (with ntsec), they create
files according to POSIX rules. The owner is you. Fish, the group
is Users. 

3) Files that are created from scratch (e.g. /etc/passwd) have OK
permissions. 

4) However man.sh and base-files-profile.sh (and perhaps others) use
cp, which copies the (umasked) permission bits from the source
file, ignoring the acl. Thus you have no access to the files
copied from /etc/defaults. 

What should be done? I see two avenues.
a) One could run the postinstall scripts (except those that chown
or chmod) with nontsec. They would then create files with the normal
Windows inheritance rules and one would have uniform permissions
for all files, whether created by setup or by postinstall scripts.
b) Scripts that use cp should create an empty destination file before 
doing the cp (or call chmod after cp, or set nontsec before cp).

Pierre

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/