X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: Gmane User <fma AT doe DOT carleton DOT ca>
Subject:  Re: Admin can read user file from bash, despite permissions
Date:  Thu, 10 Apr 2008 11:16:31 -0400
Lines: 23
Message-ID: <ftlbap$rpc$2@ger.gmane.org>
References:  <ftkisc$jj1$1 AT ger DOT gmane DOT org> <47FDD33A DOT 63F0088A AT dessent DOT net> <ftl9vr$lcm$1 AT ger DOT gmane DOT org>
Mime-Version:  1.0
Content-Type:  text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding:  7bit
User-Agent: Thunderbird 2.0.0.12 (Windows/20080213)
In-Reply-To: <ftl9vr$lcm$1@ger.gmane.org>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Gmane User wrote:
> Brian Dessent wrote:
>> Gmane User wrote:
>>
>>> CACLS shows an extensive set of permissions for the power user owner,
>>> but only READ_CONTROL, FILE_READ_EA, & FILE_READ_ATTRIBUTES for
>>> LaptopName\None and Everyone.  I've come across nothing on the web
>>> (yet) about a special privilege that allows administrators the level
>>> of access that it seems to have.  In fact, if I just open up a DOS
>>> shell as Administrator, I cannot "more" the said file.  So it seems to
>>> be specific to Cygwin rather than Windows.
>>
>> Um: <http://cygwin.com/ml/cygwin/2008-04/msg00218.html>
>>
>> This is the relevant part:
>>
>>> Cygwin uses this to simulate the unix semantics of "root" (i.e. total
>>> access to anything regardless of permissions)
> 
> 
> Thanks for reiterating, Brian.

Oh, I should have mentioned that Diskeeper probably uses the privilege since it managed to defrag the files that the built-in defragger, JkDefrag, and Ultra Defragmenter could not.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/