Mailing-List: contact cygwin-developers-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-developers-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin-developers AT sources DOT redhat DOT com
Message-ID: <3B66CC47.8040704@ece.gatech.edu>
Date: Tue, 31 Jul 2001 11:18:31 -0400
From: Charles Wilson <cwilson AT ece DOT gatech DOT edu>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2) Gecko/20010713
X-Accept-Language: en-us
MIME-Version: 1.0
To: Charles Wilson <cwilson AT ece DOT gatech DOT edu>
CC: cygwin-developers AT sources DOT redhat DOT com
Subject: Re: Problems with autoconf-2.52 testsuite using current CVS Cygwin
References: <996329431 DOT 27668 DOT ezmlm AT sources DOT redhat DOT com> <3B63432E DOT 6050309 AT ece DOT gatech DOT edu> <3B649305 DOT 2090302 AT ece DOT gatech DOT edu> <3B64C0A9 DOT 1080700 AT ece DOT gatech DOT edu> <3B64F567 DOT 6060304 AT ece DOT gatech DOT edu> <3B65835C DOT 9000001 AT ece DOT gatech DOT edu> <3B65A2B8 DOT 90702 AT ece DOT gatech DOT edu>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit


 > On Mon, Jul 30, 2001 at 02:08:56PM -0400, Charles Wilson wrote:
 >> I have not been explicitly adding an
 >> "extra" ACE for group:18: (SYSTEM) which is automatically added for 
 >> new directories under the CVS-cygwin.)

 > I don't know why that happens. I have tried it and it seems to
 > be created by the `CreateFile' call already. But it would be too
 > easy if that would happen always.
 >
 > I have found two cases on my system which _seem_ to be identical
 > but in one case, a SYSTEM ACE is created and in the other case not.
 >
 > It's a mystery. The problem is that the base routine in security.cc
 > (alloc_sd) can't know if that's a superfluous just created ACE or
 > if it's an ACE explicitly created by the user. For that reason I
 > fear it's somewhat dangerous to drop it.
 >
 > Comments?

I think it's probably a good idea to keep it.  That way, on a multiuser 
system if a user restricts a directory/file, the system can still access 
and manipulate it if necessary.

OTOH, I *think* this is the source of my problems.  I (as cwilson) did 
this to a directory by accident -- and then couldn't access it as 
Administrator.  So, I added Administrator access perms (using the W2K 
GUI) to the entire tree -- but unfortunately, I used the "inherit" 
property.  Anyway, somehow that interacted with the new "don't inherit" 
behavior, leaving newly created subdirs without ANY ACE's in their ACL. 
  Ick.

Is "delete entire cygwin tree, reinstall from scratch" an acceptable 
fix? :-)

 >> I fear this problem may hit more folks than just me, when 1.3.3 is
 >> released and Corinna's change from 7/9/2001 takes effect. Her change
 >> will prevent *future* problems, but as I demonstrated, can cause
 >> problems under dirs created using earlier kernels...
 >> > OTOH, it only affects W2K/NTFS users...

 > AFAICS, the problem was already existant for a long time. My
 > changes prevent newly created directories to propagate the
 > problem into the future. It just can't revert the wrong setting
 > from already created dirs.

Yep.

 > Perhaps a script would be a good idea. Personally I'm pretty sure
 > that most users will never see that problem, though...

Famous last words.  I could probably whip up a perl (or shell) script to 
do this -- but: what cygwin command can I use to turn off "inherit from 
parent" or "propagate to child" behavior on an existing directory?  Not 
"chmod 0xxx" is it?

--Chuck