X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
From: Barry Kelly <bkelly DOT ie AT gmail DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Cygwin Everyone group permissions and Vista "shared files" 	(*not* shared folders)
Date: Tue, 11 Nov 2008 05:31:50 +0000
Message-ID: <7j5ih4pea29aj7pnmn186b8uitoeboetkb@4ax.com>
References: <5e4cc4153gf115hcpi4ilk2s787klg6sra AT 4ax DOT com> <20080929165252 DOT GC11053 AT calimero DOT vinschen DOT de> <20080930163346 DOT GK11053 AT calimero DOT vinschen DOT de> <20415300 DOT post AT talk DOT nabble DOT com> <20081110115230 DOT GA2884 AT calimero DOT vinschen DOT de>
In-Reply-To: <20081110115230.GA2884@calimero.vinschen.de>
X-Mailer: Forte Agent 4.2/32.1117
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id mAB5WhhJ015909

Corinna Vinschen wrote:

> No, it's not feasible.  If you leave out the Everyone ACE, the
> permissions are not POSIX-like anymore.  Leaving out means that others
> have no permissions at all.  Not even to see the permissions.  That's
> not correct from a POSIX POV.

> Even if others don't have rwx
> permissions, they need at least FILE_READ_ATTRIBUTES and READ_DAC
> permissions.  This requires to have an Everyone ACE.

Why can't we have a security toggle that leaves out the Everyone ACE,
and the POSIX subsystem interprets failure to read the DACL as no
permissions?

Cygwin still needs to handle with files created by other users and
programs that it doesn't have permission to view the permissions of, so
the second half of this requirement is already present.

I, for one, use Cygwin not primarily as a POSIX emulation layer, but as
my main Windows user interface. IMHO in this situation, being posixly
correct is a handicap that Cygwin could do without, at the user's
choice.

-- Barry

-- 
http://barrkel.blogspot.com/

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/