X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=ajgb93D08CBLYaSvyWDMl8Cx3ZBAnF+813kWID9lX3epuO8apPFmn KGHfM71tphXRpJ34xqWiyZf4PsXTzOogHBqAFMWKs+Xv2rdsKyrxpOgFiaqMJUkC 1SdsWEQYhfwKOehz3vaDampXK4Iq705avKnw+RyO1FOgD4+RNA/5RM= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=pL3ff+ZWZ8V4K5Cj37fz2ghIrZU=; b=ODsFrDfKrv4HzOUH22vPr2VJpWdA UdQKud5mDK3hSvo4JkyvTaFkQ0BNXoBoM/B0D/4thg4c3LUl6EmF42Jx8b3MKKQv nNfaJ1xpKjIMidTarh/CQal+RW1Rba8vNbUBvuH7dmpPV2YA6oNQ8VwI5d3VpEgX 8N+Q0Z+zuArYHWs= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.4 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY autolearn=no version=3.3.2 X-HELO: calimero.vinschen.de Date: Wed, 12 Aug 2015 20:32:20 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: Shares with strange ACL settings Message-ID: <20150812183220.GO13029@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <20150812152601 DOT GL13029 AT calimero DOT vinschen DOT de> <20150812155817 DOT GN13029 AT calimero DOT vinschen DOT de> <878u9g9y6b DOT fsf AT Rainer DOT invalid> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="Jl+DbTnyraiZ/loT" Content-Disposition: inline In-Reply-To: <878u9g9y6b.fsf@Rainer.invalid> User-Agent: Mutt/1.5.23 (2014-03-12) --Jl+DbTnyraiZ/loT Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Aug 12 20:09, Achim Gratz wrote: > Corinna Vinschen writes: > > Cygwin is aware of them and access(2) explicitely checks for them. That > > obviously doesn't help for applications like perl, who "know better" > > than the underlying OS how to evaluate perms. >=20 > Perl is making use of an explicit guarantee in POSIX' ACL specification, > placed there in order to be backwards compatible to a system without > ACL. Whether it is a good idea to do this is debatable of course and I > might hunt that code path down in Perl and squash it in some future > release. It nevertheless is chink in Cygwin's shiny armor of "hey, > we're POSIX of the Linux flavor". >=20 > FWIW, Git seems to have an explicit check for POSIXPERMS in order to > sort out systems that don't conform exactly to that expectation. >=20 > > It does. Another, *very* simple idea is this: Spill the group and > > other perms into the user bits only if the owner of the file is the > > current user. Would that help? >=20 > I think so, but there are likely some corner cases. But I think that > had been proposed and shot down already, so I was trying to come up with > something less intrusive. This is relatively unintrusive. The current user token is always available. So if owner =3D=3D current user, for every group in the file's ACL just check if it's in the current user token and, if so, add the perms of that group to the owner perms. Sounds pretty neat as an intermediate solution to me. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --Jl+DbTnyraiZ/loT Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVy5E0AAoJEPU2Bp2uRE+g7scP/0sjLtsNTiNMqV3kv95szC6N e261XkOlJ4HRVLjY+l29165Jc86DfzBUD3qedRjlHjv00K9/+nlacEO3WrxMMNlr /22Ja0kpYSY5BWOvYR3Aq805Fl+mG8eVmkmLje21N806AIkqUijTkvuGq474nbh3 nPC7TJQNmROdkt6nUyiypn9H0wxsacDkBr5oW0C4e7srgmUBJIsHxgzMBUwzfdt+ H8DzRGzVpBFxkZxaoL20KfXlAzU1j9BQ08pHlSkG/df+j+XI4timlp4rv/mk3JJo Qw9zmQ6hCcY063DaB92KuEOEWOV9nE7BZickwBBkofYLLXUyrR9V8qaUiIxQzRNb hecBA6OG0e+hmeBALPoijXK2cQrYeaRYsjOc6YeeKw4l8llFux60zjWMz18cqvUQ Kqz69pHctAQbxR/5rkweprR30bp+igozjHSbhvdXgGY3eWT1p67+RCq5tcO1LJIj +A/XqFcjoL+I4ZdORXFdrsbDZf93FqVpchIKnqaCkT6uonjTEBFDCE8VFo9WmzbO +ctV5tAw/gcHi6u6eeGOwygu49/iFmtShOFiieL8ti8R5/RQXKT/UFR0nJ0NZchn GwE44TCqu5GSZQhzuPXZ4GyhiAulm7VSb1F5eOkIqvl4zKOJ1uT7gpG0Zuycrmmy zQ6PqpOHVHvsiXpvUPpg =iYQ2 -----END PGP SIGNATURE----- --Jl+DbTnyraiZ/loT--