X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:references :in-reply-to:content-type:content-id:content-transfer-encoding :mime-version; q=dns; s=default; b=oJNtnZpdmJR7GCtd5e14Pkwj3KcWh f93X1oA30sRYRtCylVET3+NxT2E+PvHbw/zynPZK9d7pvva1IQPVv8svNsesBzBR eQzi5eDl7d7qxrTzbxAdMwH3b0OTUoeZFTzmS3wqdQ/G3I+R9MlQOj/YYbqjTVfn AbDzMZbjL43qZM= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:references :in-reply-to:content-type:content-id:content-transfer-encoding :mime-version; s=default; bh=Fc/dw6LjWxijwBi7h8Fe8Nj+6CM=; b=Q7Z 4Ldh0uw1ahnDXnO/2yAFFao8U9l37QOPTrfLWbtQ2ecw7RN0ybV5UWbbWd/YSjDe dVCXFT5v4IOyT8Oqu0ycKbDv6oVh4RAvD/LyvRQD2dr2ztdW3EmFfIwOvu2Nd+Vp TdSRgfC18bos7nZUUnhwVs9D+Rld1AOBuAzlSkqc= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=3.4 required=5.0 tests=AWL,BAYES_50,CYGWIN_OWNER_BODY,MIME_BASE64_BLANKS,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS,SPF_PASS autolearn=no version=3.3.2 spammy=ErikSoderquist AT gmail DOT com, U*ErikSoderquist, ErikSoderquistgmailcom, sk:ErikSod X-HELO: na01-bl2-obe.outbound.protection.outlook.com From: Bill Zissimopoulos To: "cygwin AT cygwin DOT com" Subject: Re: POSIX permission mapping and NULL SIDs Date: Fri, 24 Jun 2016 22:53:00 +0000 Message-ID: References: <20160624195144 DOT GB27089 AT calimero DOT vinschen DOT de> <20160624215948 DOT GD27089 AT calimero DOT vinschen DOT de> In-Reply-To: authentication-results: spf=none (sender IP is ) smtp.mailfrom=billziss AT navimatics DOT com; x-ms-exchange-messagesentrepresentingtype: 1 x-ms-office365-filtering-correlation-id: 2813b769-6c51-4618-6d01-08d39c824b10 x-microsoft-exchange-diagnostics: 1;BN4PR07MB2195;6:BfxqHluLlUXMfhmOlUyhhpJoMoeuI8Oo8WL/ZqyqCVOjFGNzRH9Na95xPQdc+zjFK9H2FZQ/Tjr4VuEuYs3JASI1gd7u0kDyW5DKQjcLuo+T+pxiL1nuDgiucUegsSih/BEKKttenOi3ssYjX8Sid9s48DcCBkGCoA27M/0fLcCyU4sdaxyNyehweHSlBpz04x2gzle8v4QAnz+715zbGVlDvhegI3q4Odkdhv0bsRx2Q/wqiIYQQjQojOTu+IdhG22SalxwZzXauY1SOe/z4B6RyUi0F/ystnIkqdGiB8py3gZsSYipNc3GDAXVWqnc;5:jErMDcDEMpBcmi/972pl3utR7duq18ubkqXrtyiAhmN7XLiyzSavrm0IbcMuvoogw6Jj1gfPE1/cu7hPtLUGyr3+KNbG7NjLkr75ndsKntEuI1sYUW/OuNoGC458iIydtw306uf0+4BtFjfWX/29Sg==;24:3lwDpbwl8ux1ONWIXq/kMidAB7mB+IWvtmHTJ3KlwB3pm5jcnjZ6LT+DON6kT6qKwkMQkcU0MDpvEJU0n3KVFqgtBeGt5urBc5dfwJS6T2I=;7:TaGlQXbiI/VHdy1JRcPeMJD8SGW45/H+B9xovorIySk9cxMPZhYOesAVHrZr0jBssm+a/4O9uhCXGBMO06joBFt6h5Dyilt6eKJU4FZWRbZkECoiWWKUmapfsSGK62NKIogZQc6N30Qtx1QlQHRVgJL76Yeiobke01yaOdua1yK6fJHI1AN9i7kSDVLDxm5I60ecC9cF1pd5mQ9WKv6y5L0SzsDKIwhKmBs9o/UFIIXf3faiCTnl3Znyh1gF3MXu x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BN4PR07MB2195; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:; x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(6040130)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6041072)(6043046);SRVR:BN4PR07MB2195;BCL:0;PCL:0;RULEID:;SRVR:BN4PR07MB2195; x-forefront-prvs: 0983EAD6B2 x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(6009001)(7916002)(199003)(377454003)(189002)(24454002)(101416001)(450100001)(5002640100001)(106356001)(106116001)(7736002)(110136002)(189998001)(107886002)(6116002)(3846002)(87936001)(99286002)(586003)(7846002)(305945005)(102836003)(97736004)(2501003)(10400500002)(122556002)(3660700001)(3280700002)(11100500001)(50986999)(54356999)(36756003)(66066001)(68736007)(77096005)(105586002)(81166006)(81156014)(5640700001)(2900100001)(2351001)(8936002)(2950100001)(8676002)(1730700003)(19580395003)(92566002)(19580405001)(2906002)(93886004)(86362001)(76176999)(94096001);DIR:OUT;SFP:1102;SCL:1;SRVR:BN4PR07MB2195;H:BN4PR07MB2195.namprd07.prod.outlook.com;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; received-spf: None (protection.outlook.com: navimatics.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="utf-8" Content-ID: MIME-Version: 1.0 X-OriginatorOrg: navimatics.com X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jun 2016 22:53:00.5849 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 21071be9-4f9a-413b-89ac-8353a5d2410a X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN4PR07MB2195 X-IsSubscribed: yes Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by delorie.com id u5OMrSRx006321 On 6/24/16, 3:06 PM, "cygwin-owner AT cygwin DOT com on behalf of Erik Soderquist" wrote: >On Fri, Jun 24, 2016 at 5:59 PM, Corinna Vinschen wrote: >>> I am inclined to try S-1-5-7 (Anonymous). But I do not know if that is >>>a >>> bad choice for some reason or other. >> >> I thought about Anonymous myself when I wrote my reply to your OP. I >> refrained from mentioning it because it might have some unexpected side >> effect we're not aware about. > >I know in at least some versions of IIS, the Anonymous SID is the one >explicitly used for all not logged in www/ftp/etc clients connecting >to IIS -- not sure if that would affect this discussion. It is my understanding that this is the intended use of the Anonymous SID. I have not thought enough to know whether it would fit properly in this use case. One caveat is that Cygwin already maps S-1-5-7 to uid 7. So does that mean that 7==nobody in Cygwin’s case? Bill