X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; q=dns; s=default; b=rs3nHU1gxDqxjS0b
	JT7pZtpEuNJhYjtu7ymAjzjopHKCgo6IFPzLefYSWjKIE4Emf+LM24drJknUPEFP
	J+f+NM3kQ+bouvpI0IUYtYj/CpNYZ+DjMt07wTv7vbAW4H+JhIYBPKdjDh0ZkPMX
	u9lyG+1B9Q6boltK1eRv8jYKlJA=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:reply-to:message-id:to:subject
	:in-reply-to:references:mime-version:content-type
	:content-transfer-encoding; s=default; bh=yrxWQLIaf7yav1bKZa27jv
	0p1gE=; b=tKoV6EkqsNt9G/3KH2mqI3i0fOQ72Ko4Ol2qMG58srrNHZ1XFhgB+E
	RGuz28jb/7hQcMvQpnjx+s3DC99ULFIf4O4W31P897llSqol9vm8m3S0y7/Cx/6C
	HyUBUIrpx+TWvk9wjxDK7bZ0x6r9YlYnh9Dr234rdruWYzDO+MIrw=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=3.6 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KAM_THEBAT,SPF_SOFTFAIL autolearn=no version=3.3.2
X-HELO: smtpback.ht-systems.ru
Date: Thu, 28 Aug 2014 17:23:37 +0400
From: Andrey Repin <anrdaemon AT yandex DOT ru>
Reply-To: cygwin AT cygwin DOT com
Message-ID: <187704841.20140828172337@yandex.ru>
To: Corinna Vinschen <cygwin AT cygwin DOT com>
Subject: Re: (call-process ...) hangs in emacs
In-Reply-To: <20140828100112.GQ20700@calimero.vinschen.de>
References: <53E39BAD DOT 3010004 AT redhat DOT com> <53E3CB46 DOT 1020909 AT cornell DOT edu> <53E3F2AE DOT 7030608 AT redhat DOT com> <53E4D01B DOT 9010005 AT cornell DOT edu> <53F1F154 DOT 1020702 AT cornell DOT edu> <53FB87DC DOT 2050908 AT cornell DOT edu> <87wq9v9j2y DOT fsf AT Rainer DOT invalid> <53FD0662 DOT 5050208 AT cornell DOT edu> <20140827084245 DOT GD20700 AT calimero DOT vinschen DOT de> <17910052714 DOT 20140828010203 AT yandex DOT ru> <20140828100112 DOT GQ20700 AT calimero DOT vinschen DOT de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes

Greetings, Corinna Vinschen!

>> > faccessat/access/eaccess don't try to be intelligent by themselves.
>> > Rather they just call a Windows function if the filesystem is mounted
>> > with "acl" mount flags:
>> 
>> > - Fetch file's security descriptor
>> > - Create process impersonation token.
>> > - Call NtAccessCheck
>> > - If NtAccessCheck returns "not allowed", check for backup/restore
>> >   privileges via NtPrivilegeCheck.
>> 
>> > In "noacl" mode or on filesystems not supporting ACLs, access uses the
>> > st_mode flags from stat() to figure out the permissions.
>> 
>> I'm not very much into Cygwin internals, so beg pardon if I got something
>> wrong here... But reading this makes my internal sanity checker go into red
>> alarm state.
>> 
>> Here's why:
>> 
>> When Cygwin mount a filesystem with 'acl' flag set, it mangles current ACL's
>> set on the files to produce something that can be understood as basic POSIX
>> 'ugly'...erm, 'ugo' permissions. Behavior least desirable in many cases.
>> You say, it will then use native functions to determine access rights... No
>> wonder they will work, since you already mangled them to suit your needs.
>> 
>> When Cygwin mount a filesystem with 'noacl' flag, thus let OS use true ACL's
>> (a feature Windows implemented surprisingly fast, while *NIX was only
>> proposing it... for far too long without any result in sight), it is then
>> followed by some magic and guesswork on Cygwin's end to find out access
>> rights.
>> 
>> If you ask me, something isn't quite right here. Or something is missing.

> It's what "acl" means on Cygwin.  "acl" means that Windowsd ACLs are used
> and permissions are handled and converted to and from POSIX permissions.
> "noacl" means, Cygwin ignores all ACLs and fakes ownership and POSIX
> permissions only based only on filetype and DOS R/O attribute, as it has
> to on filesystems not supporting ACLs, like FAT/FAT32.

Got it.
It seems, Cygwin need a middle groung between these two for cases, where FS
support access control, but don't want to be mangled.


--
WBR,
Andrey Repin (anrdaemon AT yandex DOT ru) 28.08.2014, <17:22>

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple