DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=LWyDing5vZfiCMU+dOX45vzFVHCH3K9Rj2EZ22ufP9fEpFDOUEriw
	FDXvIBn/SAR3xPI6Qklu+pcjCAJr7HOGBV8gAHkhldG8SxygwlJPqfiP28swtZXG
	KpXUMGCUownMvlSEoOWTuQQDh7lHJIS3Z1K7n8jwhIaBZe2hPvdoYM=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Date: Fri, 24 Jun 2016 23:59:48 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: POSIX permission mapping and NULL SIDs
Message-ID: <20160624215948.GD27089@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <D392BA70.95D4%billziss AT navimatics DOT com> <20160624195144 DOT GB27089 AT calimero DOT vinschen DOT de> <D392F074.962E%billziss AT navimatics DOT com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;	protocol="application/pgp-signature"; boundary="kfjH4zxOES6UT95V"
Content-Disposition: inline
In-Reply-To: <D392F074.962E%billziss@navimatics.com>
User-Agent: Mutt/1.6.1 (2016-04-27)

--kfjH4zxOES6UT95V
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Jun 24 21:37, Bill Zissimopoulos wrote:
> On 6/24/16, 12:51 PM, "Corinna Vinschen" <cygwin-owner AT cygwin DOT com on
> behalf of corinna-cygwin AT cygwin DOT com> wrote:
> >Not yet.  We're coming from the other side.  We always have *some* SID.
> >pwdgrp::fetch_account_from_windows() in uinfo.cc tries to convert the SID
> >to a passwd or group entry.  If everything fails, the SID is used in this
> >passwd/group entry verbatim, but mapped to uid/gid -1.
>=20
> I also noticed that there is no uid mapping for nobody. On my OSX box it
> is -2. On many other POSIX systems it appears to be the 32-bit or 16-bit
> equivalent of -2.

In fact it's an entirely arbitrary choice.  On Fedora Linux, for instance,
there is no "nogroup", but there is:

/etc/passwd:

  nobody:x:99:99:Nobody:/:/sbin/nologin
  nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin

/etc/group:

  nobody:x:99:
  nfsnobody:x:65534:

Note the 65534 here.  This is -2 *if* the remote system uses 16 bit
signed uid/gid values.  However, these days uid/gid values are at least
32 bit, so -2 kind of lost its meaning.

> For the time being I am mapping unknown SID=E2=80=99s to -1 as per Cygwin.

We could kick this around a bit and maybe reserve -2, 99  or 65534 for
an arbitrary "nobody" account.  But since we're on Windows the SID value
is important, not so much the uid/gid values.

> >If you want some specific mapping we can arrange that, but it must not
> >be the NULL SID.  If you know you're communicating with a Cygwin process,
> >what about using an arbitrary, unused SID like S-1-0-42?
>=20
> I am inclined to try S-1-5-7 (Anonymous). But I do not know if that is a
> bad choice for some reason or other.

I thought about Anonymous myself when I wrote my reply to your OP.  I
refrained from mentioning it because it might have some unexpected side
effect we're not aware about.

> The main reason that I am weary of using an unused SID is that Microsoft
> may decide to assign some special powers to it in a future release (e.g.
> GodMode SID). But I agree that this is rather unlikely in the S-1-0-X
> namespace.

I think it's very unlikely.  We could chose any RID value we like and
the chance for collision is nil.  When I created the new implementation
for POSIX ACLs, I toyed around with this already and used a special
Cygwin SID within the NULL SID AUTHORITY.  I'm not entirely sure why I
changed this to the NULL SID deny ACE.  I think I disliked the fact that
almost every Cygwin ACL would contain a mysterious "unknown SID".

On second thought, maybe that would have avoided the UoW problem?!?
Well, how should I have known about UoW when I implemanted this, right?

> >How do you differ nobody from nogroup if you use the same SID for both,
> >btw.?
>=20
> I use the same SID for both nobody and nogroup. This should work as long
> as you use the permission mapping from the [PERMS] document.

Keep in mind that Interix only supported standard POSIX permission bits.
Cygwin strives to support POSIX ACLs per POSIX 1003.1e draft 17.  That's
a bit more extensive.


Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--kfjH4zxOES6UT95V
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJXba1TAAoJEPU2Bp2uRE+gWv0QAILCI9o+fEf9CQd8lzaCvc1w
38MGwOalqMTlfPhO+hZqahBXn5EsmnhFq7MUALjh5V0xa0rBKXcyErBdmghn6ROP
5pQnjpz8aE7R9kJvgQlwG5VmRfKQxLhgt8JuI/FHS3qt2+DfPW90HKO2NSi5lr/J
hcLdXdg6J0rb83tWR3F5MlWbZ9/tZXCSYtKDwj66T2MR9hSXpMxoIIwyQGW0CZic
usIaCb0khg+yYxMeRptLlElzzc1FPMAH1rLTdk1WPmS46NiTk6uVYFzZkDQuCZ3J
Dz4gGAr+o5/iboyLNYahNnlAFh2jeRQKrkFPEh5AJYp2/KP+WJPrWqN1VDTWWaqq
wCh1C2g0HFnUDxQPQWPWbNr54qgOUuTFnWtQ7wMNVg5VmOFDUfNny5r8YMZ5WCLg
D69phXLN8Td1NVX3yoQZBf6UiFltYY84TSnACR5ELWllQSOvZrP+s39ETMSBssPz
UAj/kcqrbb+ddTRX/Zt6Ijdyztp1gIZZnJEBVwM1WgCksPjCrlIKjG7t9P6zZgDv
PGNYunkeW65ScU0oWDFHjcWZ0gxpKGcn//Lb7Y4revhBrNtxuDuFfmRXYB4djPR1
7ihvt6q4UhXbNjEh4fqxV4rcNt4HKpzQlcf3EVQEGXrLSMqDpjUQy40TkTMNJQ4J
Czu2plO3giu5jUnZuP7C
=RBe6
-----END PGP SIGNATURE-----

--kfjH4zxOES6UT95V--