X-Spam-Check-By: sourceware.org Date: Thu, 30 Nov 2006 10:35:45 -0500 (EST) From: Igor Peshansky Reply-To: cygwin AT cygwin DOT com To: cygwin AT cygwin DOT com Subject: Re: backup privileges [was: [ANNOUNCEMENT] Updated: cygwin-1.5.22-1] In-Reply-To: <20061130151411.GE8792@calimero.vinschen.de> Message-ID: References: <20061130090441 DOT GA25001 AT calimero DOT vinschen DOT de> <20061130151411 DOT GE8792 AT calimero DOT vinschen DOT de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com On Thu, 30 Nov 2006, Corinna Vinschen wrote: > On Nov 30 09:50, Igor Peshansky wrote: > > Remember how much effort was spent trying to fix Cygwin to work for > > unprivileged users? Do you now, all of a sudden, want to break expected > > behavior for privileged users? > > I'm sorry but I really don't understand the problem. Cygwin allows > administrators to do more stuff than what they usually can do when > running a DOS shell, which is, doing stuff which they can do as admins > under any POSIX system. I don't believe the mapping is so direct. Windows's notion of Administrator is much looser (and less privileged) than the notion of "root" in Linux. > POSIX apps running under a privileged account (and the users) usually > expect to be able to do stuff which they can't when running under a > non-admin account, for instance, cd'ing into directories which have, > say, permissions set to a-rwx. Many POSIX apps also usually check for UID=0 to verify that they *are* running under a privileged account. We have told people before that those are broken, of course, but in reality, there's no easy way to check whether the account that the app is running under is privileged other than trying to perform the particular privileged operation and checking the result. > This will actually *help* admins to restore screwed up installations. > This is IMO the right thing to do. True, it is sometimes helpful to be able to do this. But most of the time you want to at least get a notification that extra privileges are needed, and some mechanism of obtaining those. I usually think of Administrators as users with sudo privileges. They do have the ability to run privileged commands, but that ability ought to be conditional on performing some action beforehand (for Cygwin, if we go with, say, a setting in $CYGWIN, the implementation of sudo may just be a shell with that setting on). > I didn't expect to get told that this is "breaking" something. It's > really weird. Usually Cygwin gets kicked for non-POSIXy behaviour. > Apparently there's no way to do something right :( Hmm, "breaking" was probably too strong of a word. I just think we'll be violating the principle of least surprise by allowing such unrestricted access, "WJM" notwithstanding. Igor -- http://cs.nyu.edu/~pechtcha/ |\ _,,,---,,_ pechtcha AT cs DOT nyu DOT edu | igor AT watson DOT ibm DOT com ZZZzz /,`.-'`' -. ;-;;,_ Igor Peshansky, Ph.D. (name changed!) |,4- ) )-,_. ,\ ( `'-' old name: Igor Pechtchanski '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow! Freedom is just another word for "nothing left to lose"... -- Janis Joplin -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/