X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: Gmane User <fma AT doe DOT carleton DOT ca>
Subject:  Admin can read user file from bash, despite permissions
Date:  Thu, 10 Apr 2008 04:19:15 -0400
Lines: 23
Message-ID: <ftkisc$jj1$1@ger.gmane.org>
Mime-Version:  1.0
Content-Type:  text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding:  7bit
User-Agent: Thunderbird 2.0.0.12 (Windows/20080213)
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

I have a power user file that has go-rwx.  However, the administrator
account can "less" the contents from a bash command line.  This is
both logging onto Windows 2000 as admin, as well as ssh'ing in
(loopback) from the power user log-in session.  The administrator can
also "mv" the file to a different name, but it can't create a new file
in the same folder e.g. by "cp".

CACLS shows an extensive set of permissions for the power user owner,
but only READ_CONTROL, FILE_READ_EA, & FILE_READ_ATTRIBUTES for
LaptopName\None and Everyone.  I've come across nothing on the web
(yet) about a special privilege that allows administrators the level
of access that it seems to have.  In fact, if I just open up a DOS
shell as Administrator, I cannot "more" the said file.  So it seems to
be specific to Cygwin rather than Windows.

I've read up on ntsec in the Cygwin user guide, but nothing seems to
explain the admin access to the file.  However, it is new material to
me, so I might be missing it.  If the explanation is there, could
someone point to the particular paragraph, and perhaps elaborate on
how that explains the access I observe?  If the explanation isn't
there, what is the explanation?

Thanks.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/