X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Date: Wed, 7 Jan 2009 15:27:02 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: [BUG 1.7] Read-only files are not.
Message-ID: <20090107142702.GB19133@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <495C00DF DOT 5020208 AT acm DOT org> <loom DOT 20090101T000200-655 AT post DOT gmane DOT org> <20090101033830 DOT GA23640 AT ednor DOT casa DOT cgf DOT cx>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20090101033830.GA23640@ednor.casa.cgf.cx>
User-Agent: Mutt/1.5.17 (2007-11-01)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Dec 31 22:38, Christopher Faylor wrote:
> On Thu, Jan 01, 2009 at 12:06:40AM +0000, Eric Blake wrote:
> >David Rothenberger <daveroth <at> acm.org> writes:
> >>It seems that read-only files in Cygwin 1.7 are not truly read-only.
> >>The sequence of steps below shows that "chmod 444 file1" does not make
> >>the file read-only in Cygwin 1.7, while it does in Cygwin 1.5.  It may
> >>have something to do with the Read Only DOS attribute.  This is set by
> >>Cygwin 1.5 but not by Cygwin 1.7.  If I manually set it for Cygwin 1.7,
> >>the file does become read-only.
> >
> >Are you perchance running as an Administrator, and therefore you have
> >backup privileges?  If so, then you have root-like power, and cygwin
> >exposes that by opening files with intent to backup even when the ACLs
> >would otherwise make the file unreadable.  Therefore, even though none
> >of S_IRUSR, S_IRGRP, S_IROTH are set in the posixy st_mode bits,
> >access(file, R_OK) returns 0 and open() is able to exploit your
> >root-like powers to read that file.
> >
> >I thought Corinna mentioned this in the release notes.
> 
> Ah, right.  I remember when Corinna removed the "DOS" read-only bit.

The idea is that it doesn't make sense to utilize the DOS R/O attribute
for POSIX permissions if the file system supports real security, as NTFS
does.
 
> I am running with Administrator privileges so I guess this behavior
> makes sense.

Yep.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/