X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Date: Tue, 11 Aug 2009 13:48:20 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Perl bug (was Re: [1.7] cygwin allows writing to readonly 	files)
Message-ID: <20090811114820.GE3204@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <e2480c70908100619m906f5dfj794823f22c7604bc AT mail DOT gmail DOT com> <20090810132515 DOT GP3204 AT calimero DOT vinschen DOT de> <e2480c70908100911j520101cftbaf4dc3eb08b109e AT mail DOT gmail DOT com> <20090810164057 DOT GV3204 AT calimero DOT vinschen DOT de> <6910a60908101701m77bcb1b3x55e48d028bf35ef0 AT mail DOT gmail DOT com> <6910a60908101949k5f2ce354p1ccda7f2acd9927f AT mail DOT gmail DOT com> <20090811070045 DOT GZ3204 AT calimero DOT vinschen DOT de> <6910a60908110344n56b7a7f9j9ead9ceeae6a1608 AT mail DOT gmail DOT com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <6910a60908110344n56b7a7f9j9ead9ceeae6a1608@mail.gmail.com>
User-Agent: Mutt/1.5.19 (2009-02-20)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Aug 11 12:44, Reini Urban wrote:
> 2009/8/11 Corinna Vinschen:
> > That might be a good workaround nevertheless.  You should just test the
> > list of supplementary groups as well, along these lines:
> 
> We already have an ingroup() check in this Perl_cando() function, so
> there is no
> need to write it again. But it is disabled in perl core for this code path.
> See http://perl5.git.perl.org/perl.git/blob/HEAD:/doio.c#l1929
> It would be:
>     if (ingroup(544,effective))
> 	return TRUE;		/* Administrators read and write anything */
> but this is simply not true, as under unix. Windows Administrators
> fall under the same ACL restrictions as normal users. So only using
> access() is reliable.

I don't understand what you're tryin to say.  The members of the Admin
group have always write access to files due to the SE_BACKUP_NAME
privilege enabled in Cygwin.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple